[I] CSS styling doesn't work in Handlebars chart [superset]

[via GitHub]

goldjee opened a new issue, #30381:
URL: https://github.com/apache/superset/issues/30381

   ### Bug description
   
   CSS code defined in "CSS styles" section of Handlebars chart settings isn't 
applied to HTML template. It is shown as plain text on the chart instead.
   
   ### How to reproduce the bug
   
   1. Disable ESCAPE_MARKDOWN_HTML, enable HTML_SANITIZATION, allow CSS with 
HTML_SANITIZATION_SCHEMA_EXTENSIONS in `superset_config.py` as follows:
   ```Python
   FEATURE_FLAGS = {
       "ESCAPE_MARKDOWN_HTML": False,
       "HTML_SANITIZATION": True,
   }
   
   HTML_SANITIZATION_SCHEMA_EXTENSIONS = {
       "attributes": {
       "*": ["style","className"],
       },
       "tagNames": ["style"],
   }
   ```
   2. Create a Handlebars chart with one column ("descr" in this example) added 
from any dataset.
   3. Set up HTML template as follows:
   ```HTML
   <ul class="data-list">
     {{#each data}}
       <li>{{descr}}</li>
     {{/each}}
   </ul>
   ```
   5. Set up CSS for the chart:
   ```CSS
   .data-list {
       background-color: yellow;
   }
   ```
   7. Observe your CSS code in the preview as a plain text.
   
   ### Screenshots/recordings
   
   <img width="1101" alt="image" 
src="https://github.com/user-attachments/assets/271fa5da-656b-4571-bf38-e0fbcd266f76";>
   
   
   ### Superset version
   
   master / latest-dev
   
   ### Python version
   
   3.11
   
   ### Node version
   
   18 or greater
   
   ### Browser
   
   Chrome
   
   ### Additional context
   
   While investigating this issue, I dived into Handlebars code. There is a 
section in 
`superset-frontend/plugins/plugin-chart-handlebars/src/components/Handlebars/HandlebarsViewer.tsx`
 at lines 35-43 that seemingly retrieves HTML sanitization and schema 
overrides. I went to the browser console and printed these variables with this 
snippet:
   ```JS
   ```
   
   ### Checklist
   
   - [ ] I have searched Superset docs and Slack and didn't find a solution to 
my problem.
   - [ ] I have searched the GitHub issue tracker and didn't find a similar bug 
report.
   - [ ] I have checked Superset's logs for errors and if I found a relevant 
Python stacktrace, I included it here as text in the "additional context" 
section.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@superset.apache.org
For additional commands, e-mail: notifications-h...@superset.apache.org