From a3226ba4b0ec71392e6393b73e3bd5b596d7e0b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tu=C4=9F=C3=A7e=20K=C3=BC=C3=A7=C3=BCko=C4=9Flu?= Date: Mon, 28 Mar 2022 12:16:56 +0300 Subject: [PATCH] Fixed #2363 - Tooltip | Escape encode enhancement --- src/components/tooltip/Tooltip.js | 6 ++++-- src/components/utils/ObjectUtils.js | 10 ++++++++++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/components/tooltip/Tooltip.js b/src/components/tooltip/Tooltip.js index d673eb477..791caddb8 100755 --- a/src/components/tooltip/Tooltip.js +++ b/src/components/tooltip/Tooltip.js @@ -1,4 +1,4 @@ -import {UniqueComponentId,DomHandler,ConnectedOverlayScrollHandler,ZIndexUtils} from 'primevue/utils'; +import {UniqueComponentId,DomHandler,ConnectedOverlayScrollHandler,ZIndexUtils,ObjectUtils} from 'primevue/utils'; function bindEvents(el) { const modifiers = el.$_ptooltipModifiers; @@ -105,7 +105,9 @@ function create(el) { let tooltipText = document.createElement('div'); tooltipText.className = 'p-tooltip-text'; - tooltipText.innerHTML = el.$_ptooltipValue; + + let tooltipLabel = ObjectUtils.htmlEncode(el.$_ptooltipValue); + tooltipText.innerHTML = tooltipLabel; container.appendChild(tooltipText); document.body.appendChild(container); diff --git a/src/components/utils/ObjectUtils.js b/src/components/utils/ObjectUtils.js index 3f153531d..6fccee280 100755 --- a/src/components/utils/ObjectUtils.js +++ b/src/components/utils/ObjectUtils.js @@ -204,6 +204,16 @@ export default { return null; }, + htmlEncode(str){ + if (str) { + return str.replace(/[^\w. ]/gi, function(c){ + return '&#'+c.charCodeAt(0)+';'; + }); + } + + return null; + }, + isEmpty(value) { return ( value === null || value === undefined || value === '' ||