Open felipecarrillo100 opened 1 month ago
@felipecarrillo100 We disabled raw html rendering in markdown to avoid xss attacks in #4256 and may have been overcautious in applying it to the enableMarkdownInDescription
capability. That said, I think we may want to add a new feature to allow someone to explicitly allow potentially unsafe html in a manner similar to how react does it. Essentially, update the enableMarkdownInDescription
flag to take another value besides true/false. allowUnsafeHTML
. Is that something you are willing to implement?
Prerequisites
What theme are you using?
React-Bootstrap
Version
Current Behavior
The description markdown no longer supports the tag \<small> , it used to work in previous versions but currently it doesn't work. You can witness this in your own playground. { "lastName": { "ui:autocomplete": "given-name", "ui:enableMarkdownInDescription": true, "ui:description": "Make things bold or italic. Embed snippets of
code
. \<small>And this is a small texts.\</small> " }, }Renders to: Make things bold or italic. Embed snippets of
code
. \<small>And this is a small texts.\</small>Expected Behavior
The correct rendering should be: Make things bold or italic. Embed snippets of
code
. And this is a small texts.Where "And this is a small texts." in smaller size and tag is not printed to screen
Steps To Reproduce
You can reproduce this in your own ONLINE playground. Just go to urL https://rjsf-team.github.io/react-jsonschema-form/
Take the sample "Simple" and look at the "A registration form", Input "Last Name". You will see the "small" tag is printed as text: \<small>And this is a small texts.\</small>. The \<small> tag is printed as text instead of being used as format.
Environment
Anything else?
No response