author | David Cho-Lerat <david.cho-lerat@sonarsource.com> | 2024-11-25 11:58:43 +0100 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2024-11-25 20:03:07 +0000 |
commit | 43af64decffceecfbb81d712667412e5935445fd (patch) | |
tree | 340c7d5d07bc4dfd4a0f4b5e3f55cf7b5fb58b0e /server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx | |
parent | 2ac9033908db5468e497f36c268c818c0f81b0df (diff) | |
download | sonarqube-9.9.8.100196.tar.gz sonarqube-9.9.8.100196.zip |
SONAR-23741 Backport fixes for SSF-656 & SSF-657 9.9.8.100196
Diffstat (limited to 'server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx')
-rw-r--r-- | server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx b/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx
index f0dfe918a19..d08a688e1d2 100644
--- a/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx
+++ b/server/sonar-web/src/main/js/apps/security-hotspots/components/HotspotReviewHistory.tsx
@@ -17,6 +17,7 @@
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 */
+
 import classNames from 'classnames';
 import * as React from 'react';
 import { Button, ButtonLink, DeleteButton, EditButton } from '../../../components/controls/buttons';
@@ -27,7 +28,7 @@ import IssueChangelogDiff from '../../../components/issue/components/IssueChange
 import Avatar from '../../../components/ui/Avatar';
 import { PopupPlacement } from '../../../components/ui/popups';
 import { translate, translateWithParameters } from '../../../helpers/l10n';
-import { sanitizeUserInput } from '../../../helpers/sanitize';
+import { SafeHTMLInjection, SanitizeLevel } from '../../../helpers/sanitize';
 import { Hotspot, ReviewHistoryType } from '../../../types/security-hotspots';
 import { getHotspotReviewHistory } from '../utils';
 import HotspotCommentPopup from './HotspotCommentPopup';
@@ -103,11 +104,10 @@ export default function HotspotReviewHistory(props: HotspotReviewHistoryProps) {
 {type === ReviewHistoryType.Comment && key && html && markdown && (
 <div className="spacer-top display-flex-space-between">
- <div
- className="markdown"
- // eslint-disable-next-line react/no-danger
- dangerouslySetInnerHTML={{ __html: sanitizeUserInput(html) }}
- />
+ <SafeHTMLInjection htmlAsString={html} sanitizeLevel={SanitizeLevel.USER_INPUT}>
+ <div className="markdown" />
+ </SafeHTMLInjection>
+
 {updatable && (
 <div>
 <div className="dropdown"> |
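Review bot: The `SafeHTMLInjection` call in the third hunk renders user-authored comment HTML, yet nothing next to it records why `SanitizeLevel.USER_INPUT` is the chosen level or that the wrapper must not be swapped back for a raw `dangerouslySetInnerHTML`. A one-line JSX comment above it would keep that intent with the code, e.g. `{/* Comment HTML is user-supplied: inject only through SafeHTMLInjection at USER_INPUT level. */}`. The helper's implementation is outside this diff, so it is worth confirming that it sanitizes again when `html` changes after a comment edit, and that a component test renders a comment containing disallowed markup and asserts it does not reach the DOM. The body of `HotspotReviewHistory` starts and ends outside the hunk.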