Watch

Welcome to the JavaScript feedback portal. We’re happy you’re here! If you have feedback on how to improve the JavaScript, we’d love to hear it!

Check out the features or bugs others have reported and vote on your favorites. Feedback will be prioritized based on popularity.
If you have feedback that’s not listed yet, submit your own.

Thanks for joining our community and helping improve Syncfusion products!

Vote

HTML escaping is missing in the DataGrid Excel filter Declined - Not Valid

: Oct 05, 2020 10:16 AM

: Nov 30, 2020 11:48 PM

: Bug Report

: DataGrid

: 18.3.0.35

: Windows 10

: Google Chrome

: Oct 05, 2020 10:16 AM

: Bug Report

: DataGrid

The following code demonstrates that a correct HTML escaping is not done for a string shown in the DataGrid Excel filter:

import { Grid, Filter } from "@syncfusion/ej2-grids";

Grid.Inject(Filter);

let grid = new Grid({
  dataSource: [{ field1: "abc<div>def" }],
  allowFiltering: true,
  filterSettings: { type: "Excel" },
  columns: [{ field: "field1" }]
});
grid.appendTo("#Grid");

Correct escaping is done when the data is shown in the actual table.

Bug.png

2 COMMENTS