You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@superset.apache.org by mi...@apache.org on 2022/10/19 10:44:58 UTC

[superset] branch master updated: feat: Disables HTML rendering in Toast by default (#21853)

This is an automated email from the ASF dual-hosted git repository.

michaelsmolina pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/superset.git


The following commit(s) were added to refs/heads/master by this push:
     new 47b1e0ca9d feat: Disables HTML rendering in Toast by default (#21853)
47b1e0ca9d is described below

commit 47b1e0ca9dfdea153e133442bee676ba9a73aba0
Author: Michael S. Molina <70...@users.noreply.github.com>
AuthorDate: Wed Oct 19 07:44:50 2022 -0300

    feat: Disables HTML rendering in Toast by default (#21853)
---
 superset-frontend/src/components/MessageToasts/Toast.tsx | 2 +-
 superset-frontend/src/components/MessageToasts/types.ts  | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/superset-frontend/src/components/MessageToasts/Toast.tsx b/superset-frontend/src/components/MessageToasts/Toast.tsx
index 82a57e199d..0a1a93d92a 100644
--- a/superset-frontend/src/components/MessageToasts/Toast.tsx
+++ b/superset-frontend/src/components/MessageToasts/Toast.tsx
@@ -97,7 +97,7 @@ export default function Toast({ toast, onCloseToast }: ToastPresenterProps) {
       role="alert"
     >
       {icon}
-      <Interweave content={toast.text} />
+      <Interweave content={toast.text} noHtml={!toast.allowHtml} />
       <i
         className="fa fa-close pull-right pointer"
         role="button"
diff --git a/superset-frontend/src/components/MessageToasts/types.ts b/superset-frontend/src/components/MessageToasts/types.ts
index cd41927847..fd4b27074b 100644
--- a/superset-frontend/src/components/MessageToasts/types.ts
+++ b/superset-frontend/src/components/MessageToasts/types.ts
@@ -31,4 +31,6 @@ export interface ToastMeta {
   /** Whether to skip displaying this message if there are another toast
    * with the same message. */
   noDuplicate?: boolean;
+  /** For security reasons, HTML rendering is disabled by default. Use this property to enable it. */
+  allowHtml?: boolean;
 }