Allow limited HTML when rendering failure messages (CSV import). #32000
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes proposed in this Pull Request:
When the product CSV importer is used, any errors (an example might be where a downloadable file has a disallowed mimetype) will be presented to the user when the task completes.
These error messages are nicely formatted with HTML, however when exposed in this particular context the level of escaping is too high, and exposes the HTML tags:
One solution would be to strip the tags completely, but the error messages would not be very clear (and any links would be useless). Much better if we allow a decent range of HTML tags to give us something like the following:
How to test the changes in this Pull Request:
Sample CSV:
Other information:
Changelog entry
FOR PR REVIEWER ONLY: