Summary

Require SafeStrings for all HTML in review request fields.

Review Request #14299 — Created Jan. 22, 2025 and submitted March 21, 2025, 12:35 a.m.

Information

Owner

chipx86

Repository

Review Board

Branch

release-7.1.x

Bugs

Depends On

Reviewers

Groups

reviewboard

People

Description

We've had a long-standing task to enforce HTML safety in review request
fields. We've trusted that all HTML strings were safe, but with TODO
comments saying we need to move to SafeString enforcement.

This change makes that move. We now expect SafeString results from all
rendering functions for views. Since this is a breaking change, it's a
soft requirement. We convert native strings to SafeStrings when found,
but with a deprecation warning.

This gave me the opportunity to clean up some of our HTML rendering code
to be a bit more manageable.

All built-in fields have been updated to ensure SafeString results.

Note that affected functions have not received any signature updates.
Those will be handled separately as part of a larger change.

Testing Done

All unit tests pass.

Tested a review request with all the fields. Verified that they all
rendered their contents correctly on the review request and the change
descriptions.

Tested this with and without the updates to the built-in fields.
Without those updates, I saw the warnings in the console but the fields
rendered as expected.

Commits

Summary	ID
Require SafeStrings for all HTML in review request fields. We've had a long-standing task to enforce HTML safety in review request fields. We've trusted that all HTML strings were safe, but with TODO comments saying we need to move to `SafeString` enforcement. This change makes that move. We now expect `SafeString` results from all rendering functions for views. Since this is a breaking change, it's a soft requirement. We convert native strings to `SafeString`s when found, but with a deprecation warning. This gave me the opportunity to clean up some of our HTML rendering code to be a bit more manageable. All built-in fields have been updated to ensure `SafeString` results. Note that affected functions have not received any signature updates. Those will be handled separately as part of a larger change.	fd9ff985ae4d8a4fc4dd7b21bef661a8789d7b88

Summary

Require SafeStrings for all HTML in review request fields.

We've had a long-standing task to enforce HTML safety in review request fields. We've trusted that all HTML strings were safe, but with TODO comments saying we need to move to `SafeString` enforcement. This change makes that move. We now expect `SafeString` results from all rendering functions for views. Since this is a breaking change, it's a soft requirement. We convert native strings to `SafeString`s when found, but with a deprecation warning. This gave me the opportunity to clean up some of our HTML rendering code to be a bit more manageable. All built-in fields have been updated to ensure `SafeString` results. Note that affected functions have not received any signature updates. Those will be handled separately as part of a larger change.

fd9ff985ae4d8a4fc4dd7b21bef661a8789d7b88

Issues

Description	From	Last Updated
Need a version changed for making this keyword-only.	maubin	March 19, 2025, 5:19 p.m.
Need a version changed for making this keyword-only.	maubin	March 19, 2025, 5:19 p.m.
Need a version changed for making this keyword-only.	maubin	March 19, 2025, 5:19 p.m.
Missing a version added.	maubin	March 19, 2025, 5:20 p.m.

JSHint timed out.

Change Summary:

Fixed a call from format_html_join -> format_html.

Commits:

	Summary	ID
	Require SafeStrings for all HTML in review request fields. We've had a long-standing task to enforce HTML safety in review request fields. We've trusted that all HTML strings were safe, but with TODO comments saying we need to move to `SafeString` enforcement. This change makes that move. We now expect `SafeString` results from all rendering functions for views. Since this is a breaking change, it's a soft requirement. We convert native strings to `SafeString`s when found, but with a deprecation warning. This gave me the opportunity to clean up some of our HTML rendering code to be a bit more manageable. All built-in fields have been updated to ensure `SafeString` results. Note that affected functions have not received any signature updates. Those will be handled separately as part of a larger change.	5659c51b5ef2e4a694cd8150e176d8bd239a93d6
	Require SafeStrings for all HTML in review request fields. We've had a long-standing task to enforce HTML safety in review request fields. We've trusted that all HTML strings were safe, but with TODO comments saying we need to move to `SafeString` enforcement. This change makes that move. We now expect `SafeString` results from all rendering functions for views. Since this is a breaking change, it's a soft requirement. We convert native strings to `SafeString`s when found, but with a deprecation warning. This gave me the opportunity to clean up some of our HTML rendering code to be a bit more manageable. All built-in fields have been updated to ensure `SafeString` results. Note that affected functions have not received any signature updates. Those will be handled separately as part of a larger change.	10324cb28665867db99b4d46528527eee22a4ba1

Diff:

Revision 2 (+978 -352)

Show changes

	reviewboard/reviews/builtin_fields.py
	reviewboard/reviews/fields.py

Checks run (1 timed out)

JSHint timed out.

reviewboard/reviews/fields.py (Diff revision 2)
The issue has been resolved. Show all issues
```
Need a version changed for making this keyword-only.
```
reviewboard/reviews/fields.py (Diff revision 2)
The issue has been resolved. Show all issues
```
Need a version changed for making this keyword-only.
```
reviewboard/reviews/fields.py (Diff revision 2)
The issue has been resolved. Show all issues
```
Need a version changed for making this keyword-only.
```
reviewboard/reviews/fields.py (Diff revision 2)
The issue has been resolved. Show all issues
```
Missing a version added.
```

Change Summary:

Added missing version information to the docs.

Commits:

	Summary	ID
	Require SafeStrings for all HTML in review request fields. We've had a long-standing task to enforce HTML safety in review request fields. We've trusted that all HTML strings were safe, but with TODO comments saying we need to move to `SafeString` enforcement. This change makes that move. We now expect `SafeString` results from all rendering functions for views. Since this is a breaking change, it's a soft requirement. We convert native strings to `SafeString`s when found, but with a deprecation warning. This gave me the opportunity to clean up some of our HTML rendering code to be a bit more manageable. All built-in fields have been updated to ensure `SafeString` results. Note that affected functions have not received any signature updates. Those will be handled separately as part of a larger change.	10324cb28665867db99b4d46528527eee22a4ba1
	Require SafeStrings for all HTML in review request fields. We've had a long-standing task to enforce HTML safety in review request fields. We've trusted that all HTML strings were safe, but with TODO comments saying we need to move to `SafeString` enforcement. This change makes that move. We now expect `SafeString` results from all rendering functions for views. Since this is a breaking change, it's a soft requirement. We convert native strings to `SafeString`s when found, but with a deprecation warning. This gave me the opportunity to clean up some of our HTML rendering code to be a bit more manageable. All built-in fields have been updated to ensure `SafeString` results. Note that affected functions have not received any signature updates. Those will be handled separately as part of a larger change.	fd9ff985ae4d8a4fc4dd7b21bef661a8789d7b88

Diff:

Revision 3 (+1008 -352)

Show changes

	reviewboard/reviews/builtin_fields.py
	reviewboard/reviews/fields.py

Checks run (2 succeeded)

flake8 passed.

JSHint passed.

Ship it!

```
Ship It!
```

Ship it!

```
Ship It!
```

Status:: Completed
Change Summary:: Pushed to release-7.1.x (77ee2eb)