Ampersands in text don't present correctly

openownership / visualisation-tool

A visualisation library for beneficial ownership structures

https://www.openownership.org/en/publications/beneficial-ownership-visualisation-system/bods-data-visualiser/

Apache License 2.0

19 stars 4 forks source link

Ampersands in text don't present correctly #123

Closed Blueskies00 closed 3 months ago

Blueskies00 commented 1 year ago

Screenshot from 2022-08-18 09-43-13

paramjit74git commented 9 months ago

We are facing this same issue. Was this bug ever looked at?

kd-ods commented 9 months ago

We haven't scheduled a development sprint for the visualisation tool since this bug was filed.

If you want to submit a pull request to address the bug, we will endeavour to review it in a timely fashion.

codemacabre commented 4 months ago

This is actually intended functionality by a sanitise function to reduce XSS attacks. However, the text is rendered inside SVG text nodes which D3¹ treats as textContent² which only renders text:

no parsing is performed either, the input string is taken as pure textual content

Therefore, I think it's safe to remove the sanitisation of these text nodes.

[1] D3 documentation [2] W3C specification

StephenAbbott commented 4 months ago

@paramjit74git Sorry for the delay - but work now done to fix this issue.

@codemacabre will be fixing a few more things and then releasing an updated version of the visualisation tool very soon which I hope you can take advantage of