Open grantfitzsimmons opened 1 year ago
Note: executing arbitrary HTML is dangerous (cross-site scripting (XSS) and HTML injection).
The HTML code MUST be sanitized before being output to remove unsafe tags (`<script>`, `onerror=""`, ...).
There are libraries that can do that. Fortunately, there is now also an experimental API that can do that - https://developer.mozilla.org/en-US/docs/Web/API/HTML_Sanitizer_API
@grantfitzsimmons Can we expect users to be able to write HTML? Or do we need a WYSIWYG editor too?
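The sanitization step the comment above asks for, shown as an added example that is not code from this thread or from the project: an allowlist sanitizer that never passes the user's markup through, but tokenizes it and re-serializes only the tags and attributes on the list, escaping everything else. The allowlist itself (a few inline elements for chemical formulas plus a small MathML subset, since MathML comes up later in the thread) and the sample inputs are assumptions made for the example. In a browser the Sanitizer API linked above or a maintained library such as DOMPurify is the better choice; this version is dependency-free so it runs under Node.

```javascript
// Added example, not Specify project code. Allowlist HTML sanitizer that
// RE-SERIALIZES its output: unknown tags are dropped, unknown attributes are
// dropped, stray text is escaped. Nothing from the input reaches the output
// unless it was explicitly allowed and has been re-encoded.

// Assumed allowlist: tag -> attributes permitted on that tag.
const ALLOWED_TAGS = new Map([
  ['b', []], ['i', []], ['em', []], ['strong', []],
  ['sub', []], ['sup', []], ['br', []],
  ['span', ['class']],
  // MathML subset, enough for H2O / Fe2O3 style markup
  ['math', ['display']], ['mrow', []], ['mi', []], ['mn', []], ['mo', []],
  ['msub', []], ['msup', []], ['msubsup', []], ['mfrac', []],
]);
const VOID_TAGS = new Set(['br']);
// Elements whose *content* must be discarded too, not just the tag itself.
const RAW_TEXT_TAGS = new Set(['script', 'style']);

const TAG_RE = /^<(\/?)([a-zA-Z][a-zA-Z0-9]*)([^>]*?)\/?>/;
const ATTR_RE = /([^\s"'=<>\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

function escapeText(s) {
  return s.replace(/&/g, '&amp;').replace(/</g, '&lt;')
          .replace(/>/g, '&gt;').replace(/"/g, '&quot;');
}

function sanitizeHtml(input) {
  let out = '';
  const open = [];   // currently open allowed elements, used to balance output
  let i = 0;
  while (i < input.length) {
    const lt = input.indexOf('<', i);
    if (lt === -1) { out += escapeText(input.slice(i)); break; }
    out += escapeText(input.slice(i, lt));
    const m = TAG_RE.exec(input.slice(lt));
    if (!m) {                     // a '<' that does not start a tag: emit as text
      out += '&lt;';
      i = lt + 1;
      continue;
    }
    const [whole, slash, rawName, rawAttrs] = m;
    const name = rawName.toLowerCase();
    i = lt + whole.length;

    if (!slash && RAW_TEXT_TAGS.has(name)) {
      // <script>/<style>: skip the element and everything up to its end tag
      const close = new RegExp('</' + name + '\\s*>', 'i').exec(input.slice(i));
      i = close ? i + close.index + close[0].length : input.length;
      continue;
    }
    const allowedAttrs = ALLOWED_TAGS.get(name);
    if (allowedAttrs === undefined) continue;   // unknown tag: drop the tag, keep text

    if (slash) {
      // Close only an element that is actually open; pop anything nested inside it.
      const idx = open.lastIndexOf(name);
      if (idx !== -1) {
        while (open.length > idx) out += `</${open.pop()}>`;
      }
      continue;
    }
    let attrs = '';
    for (const a of rawAttrs.matchAll(ATTR_RE)) {
      const attrName = a[1].toLowerCase();
      if (!allowedAttrs.includes(attrName)) continue;   // drops on*, href, style, ...
      const value = a[2] ?? a[3] ?? a[4] ?? '';
      attrs += ` ${attrName}="${escapeText(value)}"`;   // value is re-encoded, never copied raw
    }
    out += `<${name}${attrs}>`;
    if (!VOID_TAGS.has(name)) open.push(name);
  }
  while (open.length) out += `</${open.pop()}>`;   // balance anything left unclosed
  return out;
}

// Constructed inputs: the first two are what a user should be able to enter,
// the rest are the kind of injection the thread warns about.
const SAMPLES = [
  'H<sub>2</sub>O',
  '<math><msub><mi>Fe</mi><mn>2</mn></msub><msub><mi>O</mi><mn>3</mn></msub></math>',
  '<script>alert(1)</script>CO<sub>2</sub>',
  '<img src=x onerror="alert(1)">',
  '<sub onclick="steal()">2</sub>',
  '<scr<script>ipt>alert(1)</script>',
];
for (const s of SAMPLES) console.log(JSON.stringify(s), '->', JSON.stringify(sanitizeHtml(s)));
```

Because the output is rebuilt from the allowlist rather than edited in place, parser-confusion tricks such as `<scr<script>ipt>` degrade to escaped text instead of surviving as markup; the price is that malformed but harmless input (for example a quoted attribute value containing `>`) may also come out garbled, which is the right trade for user-supplied content.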
I was asking the same questions with @melton-jason yesterday, both about my concern about executing arbitrary HTML and about what kind of interface they would enter this information with.
I think we'd need to have a WYSIWYG editor, but we could keep it simple at first if we make this work for chemical formulas only.
FYI: MathML is finally supported by all major browsers, so there should be editors out there that support it - https://developer.mozilla.org/en-US/docs/Web/MathML/Authoring#wysiywg_editors
So things like this
are rendered correctly when the form definition tells it to