Merge branch 'main' into 21357-favorites-names

[arvados.git] / services / workbench2 / src / views-components / baner / banner.tsx

diff --git a/services/workbench2/src/views-components/baner/banner.tsx b/services/workbench2/src/views-components/baner/banner.tsx
index 7e39186c09f8d852f7868ed26579dd0a4e619eba..ac5b89439cfa10e1505b879c099b732b12d97f35 100644 (file)
--- a/services/workbench2/src/views-components/baner/banner.tsx
+++ b/services/workbench2/src/views-components/baner/banner.tsx
@@ -10,6 +10,7 @@ import bannerActions from "store/banner/banner-action";
 import { ArvadosTheme } from "common/custom-theme";
 import servicesProvider from "common/service-provider";
 import { Dispatch } from "redux";
+import { sanitizeHTML } from "common/html-sanitize";
 
 type CssRules = "dialogContent" | "dialogContentIframe";
 
@@ -92,7 +93,7 @@ export const BannerComponent = (props: BannerComponentProps) => {
         >
             <div data-cy="confirmation-dialog">
                 <DialogContent className={props.classes.dialogContent}>
-                    <div dangerouslySetInnerHTML={{ __html: bannerContents }}></div>
+                    <div dangerouslySetInnerHTML={{ __html: sanitizeHTML(bannerContents) }}></div>
                 </DialogContent>
                 <DialogActions style={{ margin: "0px 24px 24px" }}>
                     <Button