Github user andrewor14 commented on the pull request:
https://github.com/apache/spark/pull/11845#issuecomment-199402824
@lw-lin thanks for summarizing the issue. Yes, we don't want to process
arbitrary HTML so we don't have to worry about potential XSS threats. However,
I agree with @srowen that the approach you chose here seems kind of arbitrary.
Instead, a better place to do this might be in `UIUtils.makeDescription`. There
we already parse the description for anchor tags, so we can just pass in an
additional flag there to optionally remove the tags.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
