authorDavid Cho-Lerat <david.cho-lerat@sonarsource.com>2024-11-25 11:58:43 +0100
committersonartech <sonartech@sonarsource.com>2024-11-25 20:03:07 +0000
commit43af64decffceecfbb81d712667412e5935445fd (patch)
tree340c7d5d07bc4dfd4a0f4b5e3f55cf7b5fb58b0e /server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx
parent2ac9033908db5468e497f36c268c818c0f81b0df (diff)
SONAR-23741 Backport fixes for SSF-656 & SSF-6579.9.8.100196
Diffstat (limited to 'server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx')
-rw-r--r--server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx12
1 files changed, 6 insertions, 6 deletions
diff --git a/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx b/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx
index f0dfe918a19..d08a688e1d2 100644
--- a/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx
+++ b/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx
@@ -17,6 +17,7 @@
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
+
import classNames from 'classnames';
import * as React from 'react';
import { Button, ButtonLink, DeleteButton, EditButton } from '../../../components/controls/buttons';
@@ -27,7 +28,7 @@ import IssueChangelogDiff from '../../../components/issue/components/IssueChange
import Avatar from '../../../components/ui/Avatar';
import { PopupPlacement } from '../../../components/ui/popups';
import { translate, translateWithParameters } from '../../../helpers/l10n';
-import { sanitizeUserInput } from '../../../helpers/sanitize';
+import { SafeHTMLInjection, SanitizeLevel } from '../../../helpers/sanitize';
import { Hotspot, ReviewHistoryType } from '../../../types/security-hotspots';
import { getHotspotReviewHistory } from '../utils';
import HotspotCommentPopup from './HotspotCommentPopup';
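Review bot: Nothing on this page confirms that `../../../helpers/sanitize` exports `SafeHTMLInjection` and `SanitizeLevel` on this branch, because the view is limited to this one file; as this is a backport, check that the helper change ships in the same commit, otherwise the added import line will not compile. The removed `sanitizeUserInput(html)` call kept the sanitising step visible at the sink, while the new import moves it inside a component, so the JSX that renders the comment later in this file would benefit from a one-line comment such as `{/* html is user-supplied comment markup; it must only be rendered through SafeHTMLInjection at SanitizeLevel.USER_INPUT */}`. A regression test that renders a review comment containing markup outside the allowed set and asserts it is absent from the output would pin the behaviour this change presumably relies on.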
@@ -103,11 +104,10 @@ export default function HotspotReviewHistory(props: HotspotReviewHistoryProps) {
{type === ReviewHistoryType.Comment && key && html && markdown && (
<div className="spacer-top display-flex-space-between">
- <div
- className="markdown"
- // eslint-disable-next-line react/no-danger
- dangerouslySetInnerHTML={{ __html: sanitizeUserInput(html) }}
- />
+ <SafeHTMLInjection htmlAsString={html} sanitizeLevel={SanitizeLevel.USER_INPUT}>
+ <div className="markdown" />
+ </SafeHTMLInjection>
+
{updatable && (
<div>
<div className="dropdown">