Escape Html content on rendering

XMLWordPrintable

    • Type: Improvement
    • Resolution: Unresolved
    • None
    • Affects Version/s: None
    • Component/s: Security Related

      Problem

      On rendering grid columns containing HTML tags in a column's content when applying Ext.htmlEncode() in renderer we get result as shown in the image attached.

      Solution

      Consider using a more sophisticated way to sanitize / escape the content on rendering.

      Like embedding https://github.com/cure53/DOMPurify in the UI or do the sanitation on backend after finalising TRANSLATE-5058.

        1. Screenshot from 2025-12-08 13-00-52.png
          Screenshot from 2025-12-08 13-00-52.png
          55 kB

            Assignee:
            Volodymyr Kyianenko
            Reporter:
            Volodymyr Kyianenko
            Thomas Lauria
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: