[incubator-superset] branch master updated: [deck_polyline] show metric in geohash (#5952)

beto Fri, 21 Sep 2018 11:23:55 -0700

This is an automated email from the ASF dual-hosted git repository.

beto pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git



The following commit(s) were added to refs/heads/master by this push:
     new 70c095b  [deck_polyline] show metric in geohash (#5952)
70c095b is described below

commit 70c095b1c0ebfc4a44ab882fad8a58bdb8858c70
Author: Maxime Beauchemin <[email protected]>
AuthorDate: Fri Sep 21 11:23:21 2018 -0700

    [deck_polyline] show metric in geohash (#5952)
    
    Also improved security a bit by calling `dompurify.sanitize` down the
    stack.
---
 superset/assets/src/chart/Chart.jsx                          | 11 ++++++++---
 .../visualizations/deckgl/layers/{common.js => common.jsx}   | 12 ++++++++----
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/superset/assets/src/chart/Chart.jsx 
b/superset/assets/src/chart/Chart.jsx
index 43d13b1..0d55027 100644
--- a/superset/assets/src/chart/Chart.jsx
+++ b/superset/assets/src/chart/Chart.jsx
@@ -1,6 +1,7 @@
 import React from 'react';
 import PropTypes from 'prop-types';
 import { Tooltip } from 'react-bootstrap';
+import dompurify from 'dompurify';
 
 import ChartBody from './ChartBody';
 import Loading from '../components/Loading';
@@ -180,9 +181,13 @@ class Chart extends React.PureComponent {
           positionLeft={this.state.tooltip.x + 30}
           arrowOffsetTop={10}
         >
-          <div // eslint-disable-next-line react/no-danger
-            dangerouslySetInnerHTML={{ __html: this.state.tooltip.content }}
-          />
+          {typeof (this.state.tooltip.content) === 'string' ?
+            <div // eslint-disable-next-line react/no-danger
+              dangerouslySetInnerHTML={{ __html: 
dompurify.sanitize(this.state.tooltip.content) }}
+            />
+            :
+            this.state.tooltip.content
+          }
         </Tooltip>
       );
     }
diff --git a/superset/assets/src/visualizations/deckgl/layers/common.js 
b/superset/assets/src/visualizations/deckgl/layers/common.jsx
similarity index 82%
rename from superset/assets/src/visualizations/deckgl/layers/common.js
rename to superset/assets/src/visualizations/deckgl/layers/common.jsx
index 0a446dd..8a3ecc5 100644
--- a/superset/assets/src/visualizations/deckgl/layers/common.js
+++ b/superset/assets/src/visualizations/deckgl/layers/common.jsx
@@ -1,4 +1,4 @@
-import dompurify from 'dompurify';
+import React from 'react';
 import { fitBounds } from 'viewport-mercator-project';
 import d3 from 'd3';
 
@@ -37,10 +37,14 @@ export function commonLayerProps(formData, slice) {
   let onHover;
   let tooltipContentGenerator;
   if (fd.js_tooltip) {
-    const unsanitizedTooltipGenerator = sandboxedEval(fd.js_tooltip);
-    tooltipContentGenerator = o => 
dompurify.sanitize(unsanitizedTooltipGenerator(o));
+    tooltipContentGenerator = sandboxedEval(fd.js_tooltip);
   } else if (fd.line_column && fd.line_type === 'geohash') {
-    tooltipContentGenerator = o => `${fd.line_column}: 
${o.object[fd.line_column]}`;
+    tooltipContentGenerator = o => (
+      <div>
+        <div>{fd.line_column}: 
<strong>{o.object[fd.line_column]}</strong></div>
+        {fd.metric &&
+          <div>{fd.metric}: <strong>{o.object[fd.metric]}</strong></div>}
+      </div>);
   }
   if (tooltipContentGenerator) {
     onHover = (o) => {

[incubator-superset] branch master updated: [deck_polyline] show metric in geohash (#5952)

Reply via email to