(fix): sanitize object descriptions - front#5473
Ticket(s) / Related Merge Requests
front#5473
Summary of Changes
Follows the same logic as we use for Activity posts, which were not impacted by the bug. All entities will not pass through the strip tags function.
Testing Considerations
- Upload an image
- Enter
<img src="http://127.0.0.1:8080/assets/logos/logo-dark-mode.svg" width="300px">
as the message/description - Click on the date of the post to go to the image entity
- The text should render, not the html
Deployment Considerations
None
Regression Scope
This was applied because of <!Doctype showing in videos from the legacy editor. This change should not impact that as it will strip everything.
Platform Affected (web, mobile, etc)
Web
Developer Testing Completed
Yes
Screenshots / Screen Recording
Does this impact
-
Localization -
Dark/light mode -
Guest mode
Definition of Done Checklist
-
The Acceptance Criteria has been met -
Code is tested: Testing includes unit/spec, E2E/automated and manual testing -
Merge requests description has been filled out