
URLs on moderation dashboard aren't sanitized
Closed, Migrated

Description

The URLs displayed in the Forge URL columns in the datatable are not sanitized currently, and there is no way to access these links without copying and pasting them in the address bar, which can be fixed by using a clickable icon.

Example for another instance of sanitized URLs: https://forge.softwareheritage.org/source/swh-web/browse/master/assets/src/bundles/save/index.js$172

Event Timeline

anirudhlakhotia created this task.
anirudhlakhotia created this object in space S1 Public.
anirudhlakhotia updated the task description.
anlambert added a subscriber: anlambert.

@anirudhlakhotia, sorry but you are wrong here, forge URLs are sanitized in the moderation dashboard. This is exactly the purpose of the use of the $.fn.dataTable.render.text() render function (see Security doc of datatables).

Oh
I didn't understand the difference between the inline comment here and this case, could you please explain it?

That comment was written before $.fn.dataTable.render.text() was used.

Understood the difference there, I had changed $.fn.dataTable.render.text() to a function returning an <a> tag, hence the security issues.
Thank you!

I was trying to achieve the same results as D7489 for the moderation dashboard essentially, with a clickable icon to open the links in a new tab. Is that still valid?
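As an added example (not swh-web's own code), this shows the distinction the replies above draw: a render function that returns an `<a>` built from the raw cell value, beside one that keeps the escaping `$.fn.dataTable.render.text()` provides while still offering a clickable new-tab icon. The icon class, the scheme check and the handling of the DataTables `type` argument are assumptions, not something from the project's code.

```javascript
// Added example, not code from swh-web. Demonstrates why replacing
// $.fn.dataTable.render.text() with a raw <a> template is a problem, and
// how to add a clickable icon without losing the escaping.

// Mirrors what render.text() does: neutralise the characters that could
// close an attribute or open a tag, so the cell value stays data.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Assumed policy: only absolute http(s) URLs become links; any other
// scheme or an unparsable string is shown as plain text.
function isSafeForgeUrl(value) {
  try {
    const u = new URL(value);
    return u.protocol === 'http:' || u.protocol === 'https:';
  } catch (e) {
    return false;
  }
}

// The version described in the thread: the raw value lands inside markup,
// so a crafted forge URL can inject its own HTML into the dashboard.
function renderForgeUrlUnsafe(data) {
  return `<a href="${data}" target="_blank">${data}</a>`;
}

// Hardened version: escape the value everywhere it appears, and only add
// the icon for the 'display' type so sorting/filtering see plain text.
// Usable as { data: 'forge_url', render: renderForgeUrl } in a column.
// The "open-in-new" icon class is an assumption.
function renderForgeUrl(data, type) {
  const text = escapeHtml(data);
  if (type !== 'display' || !isSafeForgeUrl(data)) {
    return text;
  }
  return `${text} <a href="${text}" target="_blank" ` +
    'rel="noopener noreferrer" title="Open forge in a new tab">' +
    '<i class="icon-open-in-new"></i></a>';
}
```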