fix: replace innerHTML with textContent in sampler.js and pitchslider.js#7491
Open
NAME-ASHWANIYADAV wants to merge 1 commit into
Open
Conversation
NAME-ASHWANIYADAV
requested review from
pikurasa and
walterbender
as code owners
github-actions
Bot
added
bug fix
Contributor
|
🧪 Jest Test Results ✅ All Jest tests passed! This PR is ready to merge. Coverage: Statements: 48.3% | Branches: 39.92% | Functions: 53.01% | Lines: 48.7% |
Contributor
Author
Chaitu7032
approved these changes
Jun 11, 2026
Chaitu7032
left a comment
Chaitu7032
left a comment
Contributor
There was a problem hiding this comment.
The conversion from innerHTML to textContent is appropriate here.
kartikktripathi
approved these changes
Jun 11, 2026
kartikktripathi
left a comment
kartikktripathi
left a comment
Contributor
There was a problem hiding this comment.
LGTM. @walterbender
Contributor
Author
|
thank u guys !! @Chaitu7032 @kartikktripathi |
Member
|
I need to think about removing the HTML label tag. It has its uses, esp. for things like screen readers. @abhinish What do you think? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR Category
Description
This PR addresses security and code quality improvements by replacing
innerHTMLwithtextContentfor rendering static UI text insampler.jsandpitchslider.js.As outlined in
AGENTS.md(Section 4: PrefertextContentoverinnerHTML), usinginnerHTMLto inject static text strings is an anti-pattern. This PR ensures we follow the project's security and DOM manipulation guidelines.Changes Made
js/widgets/sampler.js: ReplacedinnerHTMLwithtextContentfor static UI elements including "AI Sample Generation", "Submit", "Preview", and "Save" buttons.js/widgets/pitchslider.js: ReplacedinnerHTMLwithtextContentfor setting thefreqLabeldisplay text, removing unnecessary inline<label>injections.eslintandnpx prettier --writeas required.Why This Matters
AGENTS.md.Verification
innerHTMLwithtextContentwhere applicable.npm run lintand resolved any issues.npx prettier --check .to ensure formatting consistency.npm test.