JoshuaJADaniel commented on PR #36201: URL: https://github.com/apache/superset/pull/36201#issuecomment-3579694843
> This looks SO cool! > > The only thing I'd like to request right now (to prevent XSS attacks) is to put the Javascript forms and the checkboxes to reveal them behind the `ENABLE_JAVASCRIPT_CONTROLS` feature flag by adding `isFeatureEnabled(FeatureFlag.ENABLE_JAVASCRIPT_CONTROLS)` where relevant. A lot of orgs have that flag turned off for (very good) safety reasons. > > Otherwise, this is complete awesomeness! @rusackas Thank you, and valid security concern! I made this change in 740b3c2f68daaa2004ff7f08189b108d5f754f5c. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
