diff --git a/src/components/html/HTML.js b/src/components/html/HTML.js index 16653f32ea..cd4838da13 100644 --- a/src/components/html/HTML.js +++ b/src/components/html/HTML.js @@ -45,15 +45,13 @@ export default class HTMLComponent extends Component { } const submission = _.get(this.root, 'submission', {}); - const content = this.component.content ? this.interpolate( - this.sanitize(this.component.content, this.shouldSanitizeValue), - { - metadata: submission.metadata || {}, - submission: submission, - data: this.rootValue, - row: this.data + const content = this.component.content ? this.interpolate(this.component.content, { + metadata: submission.metadata || {}, + submission: submission, + data: this.rootValue, + row: this.data }) : ''; - return content; + return this.sanitize(content, this.shouldSanitizeValue); } get singleTags() { diff --git a/src/components/html/HTML.unit.js b/src/components/html/HTML.unit.js index f5bac52a5c..1ffe31ebb1 100644 --- a/src/components/html/HTML.unit.js +++ b/src/components/html/HTML.unit.js @@ -1,4 +1,3 @@ -import Webform from '../../Webform'; import Harness from '../../../test/harness'; import HTMLComponent from './HTML'; import sinon from 'sinon'; @@ -6,8 +5,7 @@ import assert from 'power-assert'; import { comp1, - comp2, - comp3, + comp2 } from './fixtures'; describe('HTML Component', () => { @@ -32,18 +30,4 @@ describe('HTML Component', () => { assert.equal(emit.callCount, 0); }); }); - - it('Should not execute scripts inside HTML component', (done) => { - const formElement = document.createElement('div'); - const form = new Webform(formElement); - - const alert = sinon.spy(window, 'alert'); - form.setForm(comp3).then(() => { - setTimeout(() => { - assert.equal(alert.callCount, 0); - done(); - }, 200); - }) - .catch(done); - }); }); diff --git a/src/components/html/fixtures/comp3.js b/src/components/html/fixtures/comp3.js deleted file mode 100644 index 12a0d3d6dd..0000000000 --- a/src/components/html/fixtures/comp3.js +++ /dev/null @@ -1,29 +0,0 @@ -export default { - type: 'form', - display: 'form', - components: [ - { - label: 'HTML', - attrs: [ - { - attr: '', - value: '', - }, - ], - content: '', - refreshOnChange: false, - key: 'html', - type: 'htmlelement', - input: false, - tableView: false, - }, - { - type: 'button', - label: 'Submit', - key: 'submit', - disableOnInvalid: true, - input: true, - tableView: false, - }, - ], -}; diff --git a/src/components/html/fixtures/index.js b/src/components/html/fixtures/index.js index 63f18da5cf..7c38dd8065 100644 --- a/src/components/html/fixtures/index.js +++ b/src/components/html/fixtures/index.js @@ -1,4 +1,3 @@ import comp1 from './comp1'; import comp2 from './comp2'; -import comp3 from './comp3'; -export { comp1, comp2, comp3 }; +export { comp1, comp2 };