Skip to content

Commit

Permalink
Revert "FIO-7466: Make tooltips show non-rendered HTML"
Browse files Browse the repository at this point in the history
  • Loading branch information
lane-formio authored Jan 22, 2024
1 parent 90a681b commit df600ed
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 29 deletions.
14 changes: 3 additions & 11 deletions src/components/_classes/component/Component.js
Original file line number Diff line number Diff line change
Expand Up @@ -964,15 +964,7 @@ export default class Component extends Element {
renderTemplate(name, data = {}, modeOption) {
// Need to make this fall back to form if renderMode is not found similar to how we search templates.
const mode = modeOption || this.options.renderMode || 'form';
data.component = {
...this.component,
};

// Escape HTML provided in component description and render it as a string instead
if (this.component.description) {
data.component.description = FormioUtils.escapeHTML(this.component.description);
}

data.component = this.component;
data.self = this;
data.options = this.options;
data.readOnly = this.options.readOnly;
Expand Down Expand Up @@ -1231,12 +1223,12 @@ export default class Component extends Element {
.replace(/(?:\r\n|\r|\n)/g, '<br />');

this.tooltips[index] = tippy(tooltip, {
allowHTML: false,
allowHTML: true,
trigger: 'mouseenter click focus',
placement: 'right',
zIndex: 10000,
interactive: true,
content: this.t(tooltipText, { _userInput: true }),
content: this.t(this.sanitize(tooltipText), { _userInput: true }),
});
}
});
Expand Down
4 changes: 2 additions & 2 deletions src/components/_classes/component/fixtures/comp5.js
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,8 @@ export default {
components: [
{
label: 'Text Field',
description: "<img src='https://somesite' onerror='var _ee = 2' >",
tooltip: "<img src='https://somesite' onerror='var _ee = 1' >",
description: "<img <img src='https://somesite' onerror='var _ee = 2' >",
tooltip: "<img src='https://somesite' onerror='var _ee = 1 >",
applyMaskOn: 'change',
tableView: true,
key: 'textField',
Expand Down
16 changes: 0 additions & 16 deletions src/utils/utils.js
Original file line number Diff line number Diff line change
Expand Up @@ -446,22 +446,6 @@ export function unescapeHTML(str) {
return doc.documentElement.textContent;
}

/**
* Escape HTML characters like <, >, & and etc.
* @param str
* @returns {string}
*/
export function escapeHTML(html) {
if (html) {
return html.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#39;');
}
return '';
}

/**
* Make HTML element from string
* @param str
Expand Down

0 comments on commit df600ed

Please sign in to comment.