search

opendistro-for-elasticsearch / sample-code

đź‘‹ Welcome to the Open Distro sample-code area. Share your great ideas and code samples with the Open Distro Community.
https://github.com/opendistro-for-elasticsearch/sample-code
Apache License 2.0
278 stars 81 forks source link

Tile map attribution text #221

Closed boehmerm closed 3 years ago

boehmerm commented 3 years ago

Based on Kibana configuration https://www.elastic.co/guide/en/kibana/current/settings.html it is possible to configure custom base maps for coordinate maps. This can be done, by setting the parameter "map.tilemap.url" in kibana.yml. Depending on the provider's terms of service an attribution text has to be provided via "map.tilemap.options.attribution". As mentioned in the configuration, the value of the attribution parameter can/shall be in a MarkDownIt format, in order to be able to generate a hyperlink.

The problem is, kibana escapes the HTML code generated by MarkDownIt and additionally surrounds it with a

tag. This causes the attribution text is displayed wrong, instead of a hyperlink the HTML representation of it is displayed. The problem is in the file mapsLegacy.plugin.js

var attributionFromConfig=_lodash.default.escape(markdownIt.render(this.tilemapsConfig.deprecated.config.options.attribution||""));

IMHO the escape() function may not be used for escaping of a parameter value, because this value was set by an system administrator and not by a standard user.

It would be nice to fix this issue.

Jon-AtAWS commented 3 years ago

Hi @boehmerm,

Thank you for sending this, and sorry for the delayed response. Would you please make this request in this forum: https://discuss.opendistrocommunity.dev/c/general-elasticsearch/10

Thank you,

Jon