This is an automated email from the ASF dual-hosted git repository. diegopucci pushed a commit to branch chore/handlebars-safemarkdown-config in repository https://gitbox.apache.org/repos/asf/superset.git
commit 07a550c0455d31540d079ce4d01736b92e8cf71d Author: geido <[email protected]> AuthorDate: Wed Dec 14 12:42:28 2022 +0100 Force configuration for SafeMarkdown --- .../superset-ui-core/src/components/SafeMarkdown.tsx | 15 ++++++++------- .../src/dashboard/components/gridComponents/Markdown.jsx | 8 -------- 2 files changed, 8 insertions(+), 15 deletions(-) diff --git a/superset-frontend/packages/superset-ui-core/src/components/SafeMarkdown.tsx b/superset-frontend/packages/superset-ui-core/src/components/SafeMarkdown.tsx index 4db48d4265..7ab7e71348 100644 --- a/superset-frontend/packages/superset-ui-core/src/components/SafeMarkdown.tsx +++ b/superset-frontend/packages/superset-ui-core/src/components/SafeMarkdown.tsx @@ -25,15 +25,16 @@ import { FeatureFlag, isFeatureEnabled } from '../utils'; interface SafeMarkdownProps { source: string; - htmlSanitization?: boolean; - htmlSchemaOverrides?: typeof defaultSchema; } -function SafeMarkdown({ - source, - htmlSanitization = true, - htmlSchemaOverrides = {}, -}: SafeMarkdownProps) { +function SafeMarkdown({ source }: SafeMarkdownProps) { + const appContainer = document.getElementById('app'); + const { common } = JSON.parse( + appContainer?.getAttribute('data-bootstrap') || '{}', + ); + const htmlSanitization: boolean = common?.conf?.HTML_SANITIZATION ?? true; + const htmlSchemaOverrides: typeof defaultSchema = + common?.conf?.HTML_SANITIZATION_SCHEMA_EXTENSIONS || {}; const displayHtml = isFeatureEnabled(FeatureFlag.DISPLAY_MARKDOWN_HTML); const escapeHtml = isFeatureEnabled(FeatureFlag.ESCAPE_MARKDOWN_HTML); diff --git a/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx b/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx index d4a4f7790b..79fccfadc9 100644 --- a/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx +++ b/superset-frontend/src/dashboard/components/gridComponents/Markdown.jsx @@ -65,10 +65,6 @@ const propTypes = { deleteComponent: PropTypes.func.isRequired, handleComponentDrop: PropTypes.func.isRequired, updateComponents: PropTypes.func.isRequired, - - // HTML sanitization - htmlSanitization: PropTypes.bool, - htmlSchemaOverrides: PropTypes.object, }; const defaultProps = {}; @@ -269,8 +265,6 @@ class Markdown extends React.PureComponent { ? MARKDOWN_ERROR_MESSAGE : this.state.markdownSource || MARKDOWN_PLACE_HOLDER } - htmlSanitization={this.props.htmlSanitization} - htmlSchemaOverrides={this.props.htmlSchemaOverrides} /> ); } @@ -379,8 +373,6 @@ function mapStateToProps(state) { return { undoLength: state.dashboardLayout.past.length, redoLength: state.dashboardLayout.future.length, - htmlSanitization: state.common.conf.HTML_SANITIZATION, - htmlSchemaOverrides: state.common.conf.HTML_SANITIZATION_SCHEMA_EXTENSIONS, }; } export default connect(mapStateToProps)(Markdown);
