Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove usage of {{{ }}} in the html report #1188

Closed
ebidel opened this issue Dec 20, 2016 · 2 comments
Closed

Remove usage of {{{ }}} in the html report #1188

ebidel opened this issue Dec 20, 2016 · 2 comments
Assignees
@ebidel
Labels
viewer

Comments

@ebidel
Copy link
Contributor

ebidel commented Dec 20, 2016

In some places we use {{{}}} to render our own data (example). Those are fine.

However, we should remove {{{ }}} in places where we render user data (example]. Those are there to render code snippets and links in helpText and audit descriptions. Instead, we should create Handlebar helpers to render links and code snippets.

http://handlebarsjs.com/reference.html#base-escapeExpression

This works today if it appears in json loaded into the app:

"helpText": "<img src=\"test.gif\" onerror=\"alert('oops')\"> Text..."
@ebidel ebidel added the viewer label Dec 20, 2016
@ebidel ebidel mentioned this issue Dec 20, 2016
Merged
@wardpeet
Copy link
Collaborator

Are you going to take this @ebidel ? :)

@ebidel
Copy link
Contributor Author

ebidel commented Dec 21, 2016

Yea. started in on it.

@ebidel ebidel self-assigned this Dec 21, 2016
@ebidel ebidel mentioned this issue Dec 21, 2016
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ebidel ebidel

Labels
viewer
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ebidel @wardpeet