Bug escapeHTML in Editable ListGridField

SimonF

Registered Developer

Join Date: Sep 2013

Posts: 565
#1

Bug escapeHTML in Editable ListGridField

9 Oct 2019, 00:34

Hi,

we encountered a bug regarding the escapeHTML property of an editable ListGridField: After editing is completed, the browser interprets the content and executes javascript, even escapeHTML is set to true. You can reproduce using the following code:

Code:

isc.ListGrid.create({ ID: "listGrid", width:500, height:224, alternateRecordStyles:true, fields:[ {name:"string", title:"Code", canEdit: true, escapeHTML: true, length: 8000} ], data: [{string: "<strong>HTML</strong>"}] })

Its also reproducable in SmartClient_v111p_2019-10-06_Pro

Best regards
Tags: None
Isomorphic

Administrator

Join Date: May 2006

Posts: 53981
#2

15 Oct 2019, 13:39

The problem is that your explicit escapeHTML setting on the ListGridField isn't making it into the edit item for the record. We're going to address that with a Framework fix.

However, a better approach here is to simply set DataSourceField.escapeHTML in your DataSource definition. Or, if you prefer you can add an editorProperties declaration to the field to manually apply escapeHTML to the edit item.
Comment

Previous template Next

Announcement