Skip to content

Commit

Permalink
Escape html for table cell
Browse files Browse the repository at this point in the history 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
  • Loading branch information
@Yukaii
Yukaii committed Jul 9, 2020
1 parent 92cdc94 commit ddc85f2
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions public/js/lib/renderer/csvpreview.js
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import Papa from 'papaparse'
import escapeHTML from 'lodash/escape'

const safeParse = d => {
try {
Expand All @@ -22,20 +23,20 @@ export function renderCSVPreview (csv, options = {}, attr = '') {
return `<table ${attr}>
<thead>
<tr>
${fields.map(f => `<th>${f}</th>`).join('')}
${fields.map(f => `<th>${escapeHTML(f)}</th>`).join('')}
</tr>
</thead>
<tbody>
${results.data.map(d => `<tr>
${fields.map(f => `<td>${d[f]}</td>`).join('')}
${fields.map(f => `<td>${escapeHTML(d[f])}</td>`).join('')}
</tr>`).join('')}
</tbody>
</table>`
} else {
return `<table ${attr}>
<tbody>
${results.data.map(d => `<tr>
${d.map(f => `<td>${f}</td>`).join('')}
${d.map(f => `<td>${escapeHTML(f)}</td>`).join('')}
</tr>`).join('')}
</tbody>
</table>`
Expand Down

0 comments on commit ddc85f2

Please sign in to comment.