Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why isn't HTML working in Bootstrap v5 Popover?

Tags:

html

twitter-bootstrap

bootstrap-5

popover

When I add HTML into my Bootstrap v5 popover, it does not display the HTML in the popover. I believe that I have all of the correct options passed as described in the docs. Almost all of the results which I've gotten from searches to try and understand this issue deal with Bootstrap v4 and v3, so they aren't of use to me.

The popover all of the way on the right should have the switch affordance ("Toggle") appear below "Hello World" in the popover. The HTML code is present.

Bootstrap v5 HTML Popover Not Working

The code of the above tests centers around these 3 affordances:

<!-- Popover Works -->
<span class="fs-3 actions-link-style ai-more-horizontal" data-bs-container="body" data-bs-toggle="popover" data-bs-placement="top" title="Title" data-bs-sanitize="false" data-bs-html="true" data-bs-content="Hello World"></span>

<!-- HTML Switch Works -->
<div class='form-check form-switch'><input type='checkbox' class='form-check-input' id='customSwitch1'><label class='form-check-label' for='customSwitch1'>Toggle</label></div>

<!-- Popover with HTML Switch Does Not Work -->
<span class="fs-3 actions-link-style ai-more-horizontal" data-bs-container="body" data-bs-toggle="popover" data-bs-placement="top" title="Title" data-bs-sanitize="false" data-bs-html="true" data-bs-content="Hello World<br><div class='form-check form-switch'><input type='checkbox' class='form-check-input' id='customSwitch2'><label class='form-check-label' for='customSwitch2'>Toggle</label></div>"></span>

Have I missed something? Please let me know. Thank you!

like image 830
Berklie Avatar asked Oct 16 '25 10:10

Berklie

1 Answers

Ok, reading and re-reading the Bootstrap v5 documentation's fine print finally led me to the solution.

Even though data-bs-sanitize="false" is a valid option that can be passed, per the documentation... the documentation also notes elsewhere that:

Note that for security reasons the sanitize, sanitizeFn, and allowList options cannot be supplied using data attributes.

So... in order for the HTML to execute, because data-bs-sanitize="false" is ignored, one has to manually add non-default values to the Sanitizer whitelist which are used with the HTML code inside the popover. In my case, they were as follows:

var myDefaultAllowList = bootstrap.Tooltip.Default.allowList

// To allow elements
myDefaultAllowList.input = ['type', 'checked']
myDefaultAllowList.label = ['for']

And now... it's working as intended. A lesson in sanitization.

like image 67
Berklie Avatar answered Oct 19 '25 00:10

Berklie
Sign in to Comment

Related questions

Float graphic figure and caption around text in rmarkdown for hmtl output
Load images from folder into HTML page for display in gallery/album automatically as they are added to folder
Element with shadow root breaks text selection
CSS change style if input has value or not
How to iterate through DOM elements in react and add/remove classes?
Css counters difference in output for marker and before pseudo elements
In javascript how to send data to php file using post method
How to access parent window when the modal window is open?
Ways to stick footer to the bottom a page
Scalatest html reports
How to enable HTML TextArea auto width resizing?
html2canvas missing background
HTML5 video element width and height attributes question
HTML5 Video Playback - image preload
How to make background image not resizable in html?
mxGraph - How to automatically resize mxCell to content width if it exceeds the default size
Angular: How to implement ng-include like functionality in Angular 5?
Display HTML table from xml file over web browser without using any software or installation on unix

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!