Fixed XSS vulnerability bug by onCellHtmlData

wenzhixin · May 10, 2022 · b4a1e5d · b4a1e5d
1 parent 55d3760
commit b4a1e5d
Showing 1 changed file with 4 additions and 16 deletions.
diff --git a/src/extensions/export/bootstrap-table-export.js b/src/extensions/export/bootstrap-table-export.js
@@ -23,15 +23,7 @@ $.extend($.fn.bootstrapTable.defaults, {
   showExport: false,
   exportDataType: 'basic', // basic, all, selected
   exportTypes: ['json', 'xml', 'csv', 'txt', 'sql', 'excel'],
-  exportOptions: {
-    onCellHtmlData (cell, rowIndex, colIndex, htmlData) {
-      if (cell.is('th')) {
-        return cell.find('.th-inner').text()
-      }
-
-      return htmlData
-    }
-  },
+  exportOptions: {},
   exportFooter: false
 })
 
@@ -162,13 +154,9 @@ $.BootstrapTable = class extends $.BootstrapTable {
     $exportButtons.click(e => {
       e.preventDefault()
 
-      const type = $(e.currentTarget).data('type')
-      const exportOptions = {
-        type,
-        escape: false
-      }
-
-      this.exportTable(exportOptions)
+      this.exportTable({
+        type: $(e.currentTarget).data('type')
+      })
     })
     this.handleToolbar()
   }