Make a link clickable on alternate downloads page #287
Conversation
pbo-linaro
force-pushed
the
windows_arm64_link
branch
from
4549ca1
to
1b233aa
Compare
|
I tried that -- the whole value ends up url escaped. I can give it another shot later today. You can also run the site locally in dev mode. It's a little janky, but there are notes in the README |
pbo-linaro
force-pushed
the
windows_arm64_link
branch
from
1b233aa
to
be5875e
Compare
|
ReactJS sanitizes displayed strings and escape all characters to prevent issues with user inputs (XSS attack, ...). First commit enables this, second one adds the clickable link. Tested locally 👍 I used https://stackoverflow.com/questions/27934238/rendering-raw-html-with-reactjs. |
|
Renders as: |
| @@ -11,7 +11,7 @@ const Paragraph = ({ children, className, highlight }) => { | |||
| [`${baseClass}--highlight`]: highlight, | |||
| }) | |||
|
|
|||
| return <p className={classes}>{children}</p> | |||
| return <p className={classes} dangerouslySetInnerHTML={{ __html: children }}></p> | |||
There was a problem hiding this comment.
I think this is right, but I'm worried about applying it everywhere. What if we created a new class, DangerousParagraph and applied it to this page?
There was a problem hiding this comment.
Only home and download pages are using it, so I would not be too afraid of this.
If you prefer a whole new component, you're welcome to add it.
The risk is really when you have user inputs, which is not something osquery website is going to have, it's just a "static" website presenting content.
|
Hi, this PR has been opened for a month. Would that be possible to integrate this? |
No description provided.