@oioki oioki commented Jan 14, 2026

VULN-870

Removes MarkedText component usage for the SentryApp overview description, replacing it with plain text rendering.

We did not see legitimate use cases of custom CSS, only weird hacking attempts. Plain text rendering is simpler and more appropriate for this field.

@github-actions github-actions bot added the "Scope: Frontend" label (automatically applied to PRs that change frontend components) Jan 14, 2026
Replace MarkedText with plain text rendering for the SentryApp overview description. This removes unnecessary HTML/markdown processing for the overview field while keeping feature descriptions unchanged.
@oioki oioki force-pushed the fix-sentryapp-feature-description-xss branch 3 times, most recently from 12c1a08 to 8145b65 Compare January 14, 2026 18:54
@oioki oioki changed the title from "fix(security): Remove dangerouslySetInnerHTML from SentryApp feature descriptions" to "ref(ui): Remove MarkedText from SentryApp overview description" Jan 14, 2026

@leeandher leeandher left a comment

makes sense, we didn't even advertise it as markdown friendly

🚀 🔒

@oioki oioki merged commit 7645376 into master Jan 15, 2026
56 checks passed
@oioki oioki deleted the fix-sentryapp-feature-description-xss branch January 15, 2026 07:49