Fix: Resolve parsing error and svelte/no-at-html-tags linting issues

Resolved a critical parsing error in leads_view_lead.svelte due to incorrect Svelte class directive syntax.

Addressed multiple svelte/no-at-html-tags linting errors across the following files to mitigate potential XSS vulnerabilities and improve code safety:
- src/routes/events_leads/exhibit/[slug]/leads_add_scan.svelte
- src/routes/events_leads/exhibit/[slug]/leads_manage.svelte
- src/routes/events_leads/exhibit/[slug]/leads_view_lead.svelte

Replaced {@html} blocks with safer Svelte conditional rendering ({#if}) and direct interpolation ({value}) for static and dynamic content where appropriate. Removed commented-out {@html} tags that were still triggering linting errors.
Scott Idem
2025-11-17 19:11:01 -05:00
parent 7e1eaba3bc
commit 3a0d901a05
7 changed files with 198 additions and 297 deletions


@@ -293,9 +293,11 @@
$events_loc.leads.default_to_scan = !$events_loc.leads.default_to_scan;
}}
>
{@html $events_loc.leads.default_to_scan
? '<span class="fas fa-toggle-on m-1"></span> Disable Default Scan?'
: '<span class="fas fa-toggle-off m-1"></span> Enable Default Scan?'}
{#if $events_loc.leads.default_to_scan}
<span class="fas fa-toggle-on m-1"></span> Disable Default Scan?
{:else}
<span class="fas fa-toggle-off m-1"></span> Enable Default Scan?
{/if}
</button>
<button
@@ -309,9 +311,11 @@
$events_loc.leads.auto_view = !$events_loc.leads.auto_view;
}}
>
{@html $events_loc.leads.auto_view
? '<span class="fas fa-toggle-on m-1"></span> Disable Auto View?'
: '<span class="fas fa-toggle-off m-1"></span> Enable Auto View?'}
{#if $events_loc.leads.auto_view}
<span class="fas fa-toggle-on m-1"></span> Disable Auto View?
{:else}
<span class="fas fa-toggle-off m-1"></span> Enable Auto View?
{/if}
</button>
{#if $events_loc.leads.show_content__scan_requirements}
@@ -827,7 +831,7 @@
{/if}
<div class="qr_quick_results preset-tonal-secondary font-bold p-4">
{@html $events_sess.leads.qr_scan_result ?? 'No results yet'}
{$events_sess.leads.qr_scan_result ?? 'No results yet'}
</div>
<!-- This block needs to be moved or something. It takes up too much space! -->
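Review bot: The `qr_scan_result` line in the last hunk of this section is the only place here where a runtime value, rather than a fixed string, was passed to `{@html}`, and nothing on the new line tells a later editor why it must stay escaped. The name suggests it holds text taken from a scanned code, so I would add a comment above it such as `<!-- qr_scan_result may hold scanner-supplied text; render as text only, never {@html} -->`. It is also worth checking where `qr_scan_result` is assigned: if any code path stores a status string that contains markup, it will now show as literal tags, and that formatting belongs in the template rather than in the value. The enclosing markup starts and ends outside the hunk.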


@@ -62,11 +62,15 @@
{#if $events_loc?.leads.auth_exhibit_kv[$events_slct.exhibit_id] && $events_loc?.leads.auth_exhibit_kv[$events_slct.exhibit_id].key}
<div class="space-y-2">
<p class="mb-4">
<strong
>{@html $event_exhibit_obj?.priority
? '<span class="fas fa-check text-green-500"></span> Leads license(s) marked as paid for this exhibit!'
: 'The leads license have not been marked as paid yet. If you have already paid, please wait and this will be reflected here within 48 business hours.'}</strong
>
<strong>
{#if $event_exhibit_obj?.priority}
<span class="fas fa-check text-green-500"></span> Leads license(s) marked as paid for this
exhibit!
{:else}
The leads license have not been marked as paid yet. If you have already paid, please
wait and this will be reflected here within 48 business hours.
{/if}
</strong>
</p>
<p>
@@ -241,7 +245,6 @@
Marked as paid
{/if}
<!-- {@html ($event_exhibit_obj?.priority ? '<span class="fas fa-hand-holding-usd m-1"></span> Paid' : '<span class="fas fa-search-dollar m-1"></span> Not Paid')} -->
{#if $ae_loc.administrator_access}
<button
type="button"
@@ -311,9 +314,11 @@
}}
>
Max licenses:
{@html $events_slct.exhibit_obj?.license_max
? `<span class="fas fa-users m-1"></span> ${$events_slct.exhibit_obj.license_max}`
: '<span class="fas fa-users m-1"></span> 0'}
{#if $events_slct.exhibit_obj?.license_max}
<span class="fas fa-users m-1"></span> {$events_slct.exhibit_obj.license_max}
{:else}
<span class="fas fa-users m-1"></span> 0
{/if}
{#if $ae_loc.administrator_access}
<input
type="number"
@@ -361,9 +366,11 @@
}}
>
Small devices:
{@html $events_slct.exhibit_obj?.leads_device_sm_qty
? `<span class="fas fa-mobile-alt m-1"></span> ${$events_slct.exhibit_obj.leads_device_sm_qty}`
: '<span class="fas fa-mobile-alt m-1"></span> 0'}
{#if $events_slct.exhibit_obj?.leads_device_sm_qty}
<span class="fas fa-mobile-alt m-1"></span> {$events_slct.exhibit_obj.leads_device_sm_qty}
{:else}
<span class="fas fa-mobile-alt m-1"></span> 0
{/if}
{#if $ae_loc.administrator_access}
<input
type="number"
@@ -411,9 +418,11 @@
}}
>
Large devices:
{@html $events_slct.exhibit_obj?.leads_device_lg_qty
? `<span class="fas fa-tablet-alt m-1"></span> ${$events_slct.exhibit_obj.leads_device_lg_qty}`
: '<span class="fas fa-tablet-alt m-1"></span> 0'}
{#if $events_slct.exhibit_obj?.leads_device_lg_qty}
<span class="fas fa-tablet-alt m-1"></span> {$events_slct.exhibit_obj.leads_device_lg_qty}
{:else}
<span class="fas fa-tablet-alt m-1"></span> 0
{/if}
{#if $ae_loc.administrator_access}
<input
type="number"
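Review bot: The three counters (`license_max`, `leads_device_sm_qty`, `leads_device_lg_qty`) repeat the same icon in both branches of an `{#if}` only to print `0` as the fallback. Each can be a single line, for example `<span class="fas fa-users m-1"></span> {$events_slct.exhibit_obj?.license_max || 0}`, which keeps the falsy-to-zero behaviour of the old ternary. These were the spots where a store value was spliced into an `{@html}` string through `${…}`, so whichever form is used, the value should stay in a plain `{value}` interpolation. The surrounding buttons begin and end outside the hunks.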


@@ -153,9 +153,11 @@
<header class="popover__header flex gap-1 justify-between items-center p-1 border-b">
<h2 class="h3">
<span class="text-sm">Lead:</span>
{@html $event_exhibit_tracking_obj?.priority
? '<span class="fas fa-star m-1"></span>'
: '<span class="far fa-star m-1 hidden"></span>'}
{#if $event_exhibit_tracking_obj?.priority}
<span class="fas fa-star m-1"></span>
{:else}
<span class="far fa-star m-1 hidden"></span>
{/if}
{$event_exhibit_tracking_obj?.event_badge_full_name}
<span class="text-xs text-slate-500">
@@ -240,9 +242,9 @@
>
<span class="value">
{#if $event_exhibit_tracking_obj?.event_badge_professional_title_override}
{@html $event_exhibit_tracking_obj?.event_badge_professional_title_override}
{$event_exhibit_tracking_obj?.event_badge_professional_title_override}
{:else}
{@html $event_exhibit_tracking_obj?.event_badge_professional_title}
{$event_exhibit_tracking_obj?.event_badge_professional_title}
{/if}
</span>
</div>
@@ -305,9 +307,11 @@
});
}}
>
{@html $event_exhibit_tracking_obj?.priority
? '<span class="fas fa-star m-1"></span> Stared'
: '<span class="far fa-star m-1"></span> Not Stared'}
{#if $event_exhibit_tracking_obj?.priority}
<span class="fas fa-star m-1"></span> Stared
{:else}
<span class="far fa-star m-1"></span> Not Stared
{/if}
<button
type="button"
on:click={() => {
@@ -316,9 +320,11 @@
}}
class="btn btn-sm preset-tonal-warning"
>
{@html $event_exhibit_tracking_obj?.priority
? '<span class="fas fa-sync m-1"></span> Remove?'
: '<span class="fa fa-sync m-1"></span> Star?'}
{#if $event_exhibit_tracking_obj?.priority}
<span class="fas fa-sync m-1"></span> Remove?
{:else}
<span class="fa fa-sync m-1"></span> Star?
{/if}
</button>
</Element_ae_crud>
@@ -345,9 +351,11 @@
});
}}
>
{@html $event_exhibit_tracking_obj?.sort
? '<span class="fas fa-sort-numeric-up m-1"></span> Ranked'
: '<span class="fas fa-sort-numeric-down m-1"></span> Not Ranked'}
{#if $event_exhibit_tracking_obj?.sort}
<span class="fas fa-sort-numeric-up m-1"></span> Ranked
{:else}
<span class="fas fa-sort-numeric-down m-1"></span> Not Ranked
{/if}
<select
name="sort"
class="select max-w-48 m-1"
@@ -588,9 +596,8 @@
// $slct_trigger = 'save__ds__code';
}}
class="btn preset-tonal-primary border border-primary-500"
class:preset-tonal-error
border
border-error-500={$events_sess.leads.lead_data_changed}
class:preset-tonal-error={$events_sess.leads.lead_data_changed}
class:border-error-500={$events_sess.leads.lead_data_changed}
>
<span class="fas fa-save mx-1"></span>
Save
@@ -653,14 +660,18 @@
class="btn btn-sm preset-tonal-warning"
>
{#if $ae_loc.trusted_access}
{@html $event_exhibit_tracking_obj?.hide
? '<span class="fas fa-eye m-1"></span> Unhide?'
: '<span class="fas fa-eye-slash m-1"></span> Hide?'}
{#if $event_exhibit_tracking_obj?.hide}
<span class="fas fa-eye m-1"></span> Unhide?
{:else}
<span class="fas fa-eye-slash m-1"></span> Hide?
{/if}
{:else}
<!-- Users see this as the "Archive" option button -->
{@html $event_exhibit_tracking_obj?.hide
? '<span class="fas fa-archive m-1"></span> Unarchive'
: '<span class="fas fa-archive m-1"></span> Archive'}
{#if $event_exhibit_tracking_obj?.hide}
<span class="fas fa-archive m-1"></span> Unarchive
{:else}
<span class="fas fa-archive m-1"></span> Archive
{/if}
{/if}
</button>
</Element_ae_crud>
@@ -721,14 +732,18 @@
class="btn btn-sm preset-tonal-success"
>
{#if $ae_loc.trusted_access}
{@html $event_exhibit_tracking_obj?.enable
? '<span class="fas fa-toggle-on m-1"></span> Disable'
: '<span class="fas fa-toggle-off m-1"></span> Enable'}
{#if $event_exhibit_tracking_obj?.enable}
<span class="fas fa-toggle-on m-1"></span> Disable
{:else}
<span class="fas fa-toggle-off m-1"></span> Enable
{/if}
{:else}
<!-- Users see this as the "Remove" or trash option button -->
{@html $event_exhibit_tracking_obj?.enable
? '<span class="fas fa-trash m-1"></span> Remove'
: 'Nope'}
{#if $event_exhibit_tracking_obj?.enable}
<span class="fas fa-trash m-1"></span> Remove
{:else}
Nope
{/if}
{/if}
</button>
</Element_ae_crud>
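Review bot: In the hunk at `@@ -240,9 +242,9 @@`, `event_badge_professional_title_override` and `event_badge_professional_title` now render as escaped text, so any stored title that already contains HTML entities or tags will display them literally. That is the safe direction, but it is worth checking a sample of existing records and, if encoded values turn up, decoding them where the data is loaded rather than going back to `{@html}`. The branch can also be shortened to `{$event_exhibit_tracking_obj?.event_badge_professional_title_override || $event_exhibit_tracking_obj?.event_badge_professional_title}`. Separately, in the Save button hunk the base `border-primary-500` and `preset-tonal-primary` classes remain alongside the new `class:` directives, so which style wins when `lead_data_changed` is true presumably depends on stylesheet order and should be checked in the browser.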