Sanitize caption used in compatibility Grid header (#12018)

* Sanitize caption used in compatibility Grid header

Cherry pick of #11644

diff --git a/compatibility-server/src/main/java/com/vaadin/v7/ui/Grid.java b/compatibility-server/src/main/java/com/vaadin/v7/ui/Grid.java
index 20f7acb0747ced158137d224b1fc70f69942a30b..f67bbb4c3e9739cf827f3863bf6a03f48fdef1a5 100644 (file)
--- a/compatibility-server/src/main/java/com/vaadin/v7/ui/Grid.java
+++ b/compatibility-server/src/main/java/com/vaadin/v7/ui/Grid.java
@@ -38,6 +38,7 @@ import java.util.Set;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import org.jsoup.Jsoup;
 import org.jsoup.nodes.Attributes;
 import org.jsoup.nodes.Element;
 import org.jsoup.select.Elements;
@@ -3473,6 +3474,7 @@ public class Grid extends AbstractComponent
             if (caption == null) {
                 caption = ""; // Render null as empty
             }
+            caption = Jsoup.parse(caption).text();
             state.headerCaption = caption;
 
             HeaderRow row = grid.getHeader().getDefaultRow();