SONAR-23249 Fix SSF-656 & SSF-657

author: David Cho-Lerat <david.cho-lerat@sonarsource.com> 2024-10-03 10:09:00 +0200
committer: sonartech <sonartech@sonarsource.com> 2024-10-08 20:02:47 +0000
commit: c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f (patch)
tree: 40b9f0694c1bd3baaee84ade9fa4059b851c7ae2 /server/sonar-web/src/main/js/components/rules/RuleDescription.tsx
parent: 12664adb48e6b95e521b0e05d81f916af2a88bc4 (diff)
download: sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.tar.gz
sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.zip
1 files changed, 9 insertions, 5 deletions
diff --git a/server/sonar-web/src/main/js/components/rules/RuleDescription.tsx b/server/sonar-web/src/main/js/components/rules/RuleDescription.tsx
index ca1341902e4..a5cf16b7a96 100644
--- a/server/sonar-web/src/main/js/components/rules/RuleDescription.tsx
+++ b/server/sonar-web/src/main/js/components/rules/RuleDescription.tsx
@@ -22,6 +22,7 @@ import {
   CodeSyntaxHighlighter,
   FlagMessage,
   HtmlFormatter,
+  SanitizeLevel,
   ToggleButton,
   themeBorder,
   themeColor,
@@ -30,7 +31,6 @@ import * as React from 'react';
 import { RuleDescriptionSection, RuleDescriptionSections } from '../../apps/coding-rules/rule';
 import applyCodeDifferences from '../../helpers/code-difference';
 import { translate, translateWithParameters } from '../../helpers/l10n';
-import { sanitizeString } from '../../helpers/sanitize';
 import { isDefined } from '../../helpers/types';
 import { Cve as CveDetailsType } from '../../types/cves';
 import { CveDetails } from './CveDetails';
@@ -147,8 +147,9 @@ export default class RuleDescription extends React.PureComponent<Props, State> {
           {isDefined(introductionSection) && (
             <CodeSyntaxHighlighter
               className="rule-desc"
-              htmlAsString={sanitizeString(introductionSection)}
+              htmlAsString={introductionSection}
               language={language}
+              sanitizeLevel={SanitizeLevel.FORBID_SVG_MATHML}
             />
           )}
           {defaultContext && (
@@ -180,8 +181,9 @@ export default class RuleDescription extends React.PureComponent<Props, State> {
             <OtherContextOption />
           ) : (
             <CodeSyntaxHighlighter
-              htmlAsString={sanitizeString(selectedContext.content)}
+              htmlAsString={selectedContext.content}
               language={language}
+              sanitizeLevel={SanitizeLevel.FORBID_SVG_MATHML}
             />
           )}
 
@@ -200,14 +202,16 @@ export default class RuleDescription extends React.PureComponent<Props, State> {
         {isDefined(introductionSection) && (
           <CodeSyntaxHighlighter
             className="rule-desc"
-            htmlAsString={sanitizeString(introductionSection)}
+            htmlAsString={introductionSection}
             language={language}
+            sanitizeLevel={SanitizeLevel.FORBID_SVG_MATHML}
           />
         )}
 
         <CodeSyntaxHighlighter
-          htmlAsString={sanitizeString(sections[0].content)}
+          htmlAsString={sections[0].content}
           language={language}
+          sanitizeLevel={SanitizeLevel.FORBID_SVG_MATHML}
         />
 
         {cve && <CveDetails cve={cve} />}
author	David Cho-Lerat <david.cho-lerat@sonarsource.com>	2024-10-03 10:09:00 +0200
committer	sonartech <sonartech@sonarsource.com>	2024-10-08 20:02:47 +0000
commit	c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f (patch)
tree	40b9f0694c1bd3baaee84ade9fa4059b851c7ae2 /server/sonar-web/src/main/js/components/rules/RuleDescription.tsx
parent	12664adb48e6b95e521b0e05d81f916af2a88bc4 (diff)
download	sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.tar.gz sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.zip