Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

compose_banner: Document recommended HTML banner code path.

This commit is contained in:
Tim Abbott 2023-11-22 13:35:07 -08:00
parent 189718dc64
commit a2e6d6c7c4
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
web/src/compose_banner.ts
View File

@ -132,6 +132,12 @@ export function show_error_message(
$container: JQuery,
$bad_input?: JQuery,
): void {
// Important: This API intentionally does not support passing an
// HTML message; doing so creates unnecessary XSS risk. If you
// want HTML in your compose banner, use a partial subclassing
// compose_banner and the append_compose_banner_to_banner_list
// API; See, for example, automatic_new_visibility_policy_banner.
//
// To prevent the same banner from appearing twice,
// we remove the banner with a matched classname.
$container.find(`.${CSS.escape(classname)}`).remove();