fix: escape text types before setting disp area (#25520) (#25522)

(cherry picked from commit fa6ec99) Co-authored-by: Ankush Menat <ankush@frappe.io>
frappe · Mar 18, 2024 · e446770 · e446770
1 parent 3344df0
commit e446770
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/frappe/public/js/frappe/form/controls/base_input.js b/frappe/public/js/frappe/form/controls/base_input.js
@@ -146,11 +146,12 @@ frappe.ui.form.ControlInput = class ControlInput extends frappe.ui.form.Control
 		} else {
 			value = this.value || value;
 		}
-		if (this.df.fieldtype === "Data") {
+		if (["Data", "Long Text", "Small Text", "Text", "Password"].includes(this.df.fieldtype)) {
 			value = frappe.utils.escape_html(value);
 		}
 		let doc = this.doc || (this.frm && this.frm.doc);
 		let display_value = frappe.format(value, this.df, { no_icon: true, inline: true }, doc);
+		// This is used to display formatted output AND showing values in read only fields
 		this.disp_area && $(this.disp_area).html(display_value);
 	}
 	set_label(label) {