Dont Dangerously Render HTML (#11526)

Co-authored-by: Nicholas Summers <[email protected]>
Enterprise-CMCS · Nov 22, 2023 · af3223f · af3223f
1 parent fcc73df
commit af3223f
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 11 deletions.
diff --git a/services/ui-src/src/components/export/ExportedModalOverlayReportSection.tsx b/services/ui-src/src/components/export/ExportedModalOverlayReportSection.tsx
@@ -5,7 +5,7 @@ import { Box, Image, Td, Text, Tr } from "@chakra-ui/react";
 // types
 import { EntityShape, ModalOverlayReportPageShape, ReportType } from "types";
 // utils
-import { assertExhaustive, getEntityDetailsMLR, renderHtml } from "utils";
+import { assertExhaustive, getEntityDetailsMLR } from "utils";
 // verbiage
 import mcparVerbiage from "../../verbiage/pages/mcpar/mcpar-export";
 import mlrVerbiage from "../../verbiage/pages/mlr/mlr-export";
@@ -86,7 +86,7 @@ export function renderModalOverlayTableBody(
               <Text sx={sx.entityList}>
                 {entity.report_planName ?? "Not entered"} <br />
                 {report_programName} <br />
-                {renderHtml(mlrEligibilityGroup)} <br />
+                {mlrEligibilityGroup} <br />
                 {reportingPeriod}
               </Text>
             </Td>

diff --git a/services/ui-src/src/components/tables/EntityRow.tsx b/services/ui-src/src/components/tables/EntityRow.tsx
@@ -4,7 +4,7 @@ import { EntityStatusIcon } from "components";
 // types
 import { AnyObject, EntityShape } from "types";
 // utils
-import { eligibilityGroup, renderHtml, useUser } from "utils";
+import { eligibilityGroup, useUser } from "utils";
 // assets
 import deleteIcon from "assets/icons/icon_cancel_x_circle.png";
 import { useContext, useMemo } from "react";
@@ -44,7 +44,7 @@ export const EntityRow = ({
       <Td sx={sx.programInfo}>
         <ul>
           {programInfo.map((field, index) => (
-            <li key={index}>{renderHtml(field)}</li>
+            <li key={index}>{field}</li>
           ))}
         </ul>
         {!entityComplete && report?.reportType === "MLR" && (

diff --git a/services/ui-src/src/utils/other/rendering.ts b/services/ui-src/src/utils/other/rendering.ts
@@ -1,12 +1,5 @@
-import React from "react";
 import { EntityShape } from "types";
 
-// render '<' special character
-export const renderHtml = (rawHTML: string) =>
-  React.createElement("span", {
-    dangerouslySetInnerHTML: { __html: rawHTML },
-  });
-
 // return MLR eligibility group text
 export const eligibilityGroup = (entity: EntityShape) => {
   if (entity["report_eligibilityGroup-otherText"]) {