Closed mikesvis closed 4 years ago
Kyslik
commented
5 years ago I don't think its possible either; we need to use htmlentities because of possible security issues AFAIK.
I looked at the blame its way too old for me to remember exact reason why I added it there. Maybe it has to do something with line 37:
Kyslik
commented
5 years ago Closing for inactivity; @reflectedMike feel free to re-open.
d13r
commented
5 years ago @Kyslik Could it use e() instead of htmlentities(), so that we can use new HtmlString('html here') when we want actual HTML?
On a related note, is 'formatting_function' (ucfirst() by default) supposed to be applied even when a custom title is given? It is currently, but the description says "formatting function applied to name of column" not "applied to title". It's necessary to disable that in addition to using e() for this to work:
@sortablelink('parent_count', new Illuminate\Support\HtmlString('<i class="fas fa-level-up-alt" data-toggle="tooltip" title="Parents"></i>'))I could submit a PR for both if you're happy.
mikesvis
commented
5 years ago this one would be great
Kyslik
commented
4 years ago This is now in 6.2.1 🎉 ! I hope it's not too late :)
Thank you for great lib! Is it possible not to escape html while rendering column names?
Try to reproduce: 1) I want font awesome icon with eye instead of "Status" word in column name. Like EYE_ICON + DIRECTION_ICON 2) When I use configs for this column and put in html code for icon, it is escaped and rendered as printed html code (escaped: htmlspecialcharred actually) instead of icon. 3) The only but ugliest way I found is remove htmlentities($title) in ColumnSortable/SortableLink.php:41 , but I have to do this every update
Maybe I missed smth and there is a config option not to "htmlentities" ?