Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add markdown and/or sanitized HTML support to Computed Fields #5743

Open
1 of 12 tasks
gioccher opened this issue May 21, 2024 · 1 comment
Open
1 of 12 tasks

Add markdown and/or sanitized HTML support to Computed Fields #5743

gioccher opened this issue May 21, 2024 · 1 comment
Labels
type: feature Introduction of new or enhanced functionality to the application

Comments

@gioccher
Copy link

gioccher commented May 21, 2024
edited
Loading

As ...

Ozzie - Operator

I want ...

To view data produced by computed fields formatted using markdown and/or HTML

So that ...

Computed Fields can output more than just a single line of plain text.
Examples:

  • checkmarks
  • bullet points
  • pre-formatted paragraphs
  • ...

I know this is done when...

  • users with permission to create or edit computed fields can have them render markdown or safe HTML

This could be implemented either by:

  • supporting expressions like {{ True | render_boolean }} {{ "<b>hello world</b>" | safe }} {{ "```\ncode block\n```" | render_markdown }}
  • or introducing a "Type" dropdown with options like Plain Text, Markdown, and HTML

Optional - Feature groups this request pertains to.

  • Automation
  • Circuits
  • DCIM
  • IPAM
  • Misc (including Data Sources)
  • Organization
  • Plugins (and other Extensibility)
  • Security (Secrets, etc)
  • Image Management
  • UI/UX
  • Documentation
  • Other (not directly a platform feature)

Database Changes

No response

External Dependencies

No response
@gioccher gioccher added triage This issue is new and has not been reviewed. type: feature Introduction of new or enhanced functionality to the application labels May 21, 2024
@gioccher
Copy link
Author

from @glennmatthews in slack:

We had to lock down the use of HTML in computed fields due to security risks (GHSA-cf9f-wmhp-v4pr); that said, I think the current implementation may be stricter than absolutely necessary and we could probably loosen it back up by adding support for markdown and sanitized HTML, similar to what was done in #5133.

@glennmatthews glennmatthews removed the triage This issue is new and has not been reviewed. label Jun 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: feature Introduction of new or enhanced functionality to the application
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gioccher @glennmatthews