mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
TextPanel: Sanitize after markdown has been rendered to html (#46166)
* Sanitize after markdown has been rendered to html * Update e2e test
This commit is contained in:
parent
994a22f4c2
commit
b1125c0ba3
@ -27,7 +27,7 @@ e2e.scenario({
|
||||
`Server:pipe = A'A"A|BB\\B|CCC`,
|
||||
`Server:distributed = A'A"A,Server=BB\\B,Server=CCC`,
|
||||
`Server:csv = A'A"A,BB\\B,CCC`,
|
||||
`Server:html = A'A"A, BB\\B, CCC`,
|
||||
`Server:html = A'A"A, BB\\B, CCC`,
|
||||
`Server:json = ["A'A\\"A","BB\\\\B","CCC"]`,
|
||||
`Server:percentencode = %7BA%27A%22A%2CBB%5CB%2CCCC%7D`,
|
||||
`Server:singlequote = 'A\\'A"A','BB\\B','CCC'`,
|
||||
|
@ -44,9 +44,11 @@ export class TextPanel extends PureComponent<Props, State> {
|
||||
|
||||
prepareMarkdown(content: string): string {
|
||||
// Sanitize is disabled here as we handle that after variable interpolation
|
||||
return renderTextPanelMarkdown(this.interpolateAndSanitizeString(content), {
|
||||
noSanitize: config.disableSanitizeHtml,
|
||||
});
|
||||
return this.interpolateAndSanitizeString(
|
||||
renderTextPanelMarkdown(content, {
|
||||
noSanitize: config.disableSanitizeHtml,
|
||||
})
|
||||
);
|
||||
}
|
||||
|
||||
interpolateAndSanitizeString(content: string): string {
|
||||
|
Loading…
Reference in New Issue
Block a user