From bda23bb1e66fd7ce42c75c69cf5eea4e80865c1c Mon Sep 17 00:00:00 2001
From: snipe
Date: Fri, 15 Oct 2021 11:50:52 -0500
Subject: [PATCH] Fixes possible XSS on all-file-types export

Signed-off-by: snipe
---
 resources/views/partials/bootstrap-table.blade.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/resources/views/partials/bootstrap-table.blade.php b/resources/views/partials/bootstrap-table.blade.php
index 7ad14bf9059f..130bc9c2d3e1 100644
--- a/resources/views/partials/bootstrap-table.blade.php
+++ b/resources/views/partials/bootstrap-table.blade.php
@@ -75,6 +75,10 @@ classes: 'table table-responsive table-no-bordered',
 export: 'fa-download',
 clearSearch: 'fa-times'
 },
+ exportOptions: {
+ htmlContent: true,
+ },
+
 exportTypes: ['csv', 'excel', 'doc', 'txt','json', 'xml', 'pdf'],
 onLoadSuccess: function () {
 $('[data-toggle="tooltip"]').tooltip(); // Needed to attach tooltips after ajax call
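Review bot: `htmlContent: true` in the added `exportOptions` block reads like the opposite of an XSS fix and has no comment saying why it is one. As far as I know the export plugin, with the flag off it re-parses each cell's markup to extract text, which is presumably where escaped values become live again, while with it on the cell HTML is copied out as-is. The exported files then carry whatever markup the cell holds, so the fix is only as good as the output escaping of every column, which this hunk does not show; the `doc` and `excel` types in `exportTypes` deserve a test with a stored value containing markup. I would add a comment above the option, for example `// Export the already-escaped cell HTML; the plugin's text extraction re-parses it and can un-escape stored values`. The options object this sits in starts and ends outside the hunk.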