Option to not "clean" HTML in Field Values in Table View

+1 vote

dbFront does the correct thing when parsing field values for visualising in table view. For example:

<img src ="">

is presented as

&lt;img src=""&gt;

This is great as it prevents rogue HTML from being presented within the list. Although in some cases it could be really handy to add rouge HTML. Thoughts are:

  • Add an Image to the list view
  • Add clickable links
  • More advanced styling
  • etc

Obviously would have to be a "use at your own risk" clause, as dodgy HTML being presented could corrupt the display / operation of the site.

in Features (Todo) by (370 points)
I definitely understand this request.  Safeguards that prevent you from using a system to its maximum can be very annoying.  At the same time those safeguards have a real purpose and allowing them to be bypassed via a simple checkbox compromises the whole system.  There are similar safeguards around SQL handling, permissions for Power Users and more.

What I would prefer to do is optionally allow some of those safeguards to be adjusted but then to make it abundantly clear to any administrator what the current security status of the system is along with audit information about who and when those changes were made.
Fully agree that it needs to be a full audit trail and disclaimers / clauses, as if handled incorrectly could cause severe security risks (e.g. script insertion, malware etc)

1 Answer

0 votes

I understand the need for this feature. I will consider it depending upon time and resources.

NOTE: Please vote on or consider funding this Feature Request if it interests you.

by (64.4k points)
Welcome to the dbFront Q&A site, where you can ask questions and receive answers from other members of the community.
 | Minimalist Answer Theme by Digitizor Media
Powered by Question2Answer