Tooltips and html content - too strick JSON validation from version 46?

[Martin Husted Hartvig]

Hi,
In version 46 JSON validation had a brush up and became more strick - I had some tooltips that was javascripts, like the createCustomHTMLContent example shown in the docs:
https://developers.google.com/chart/interactive/docs/customizing_tooltip_content#customizing-html-content

As version 46, and up to 49,  html data sent in JSON without quoting fails... at least for me. Is this a bug, or is there a workaround? Adding quoting makes the JSON valid, but the tooltip is shown with the javascript as content.

Regards,

Martin Husted Hartvig

[Daniel LaLiberte]

The strictness of JSON was one improvement (for security) in recent versions, but another improvement that was also imposed is the more rigorous encoding of HTML in cases where HTML is not allowed.  It should still be the case that HTML in tooltips is allowed, but as the documentation says:

you must do two things:

1. Specify tooltip.isHtml: true in the chart options. This tells the chart to draw the tooltips in HTML (as opposed to SVG).
2. Mark an entire column, or a specific cell, in the data table with the html custom property. A datatable column with the tooltip role and HTML property would be:
   dataTable.addColumn({'type': 'string', 'role': 'tooltip', 'p': {'html': true}})

If there is some HTML that is not being rendered as HTML, please be specific about what it is.  It is possible that not all HTML is allowed to be used in this way.

--
You received this message because you are subscribed to the Google Groups "Google Visualization API" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-visualizati...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-visualization-api/074c882e-a6f8-4237-946e-35288fb83cban%40googlegroups.com.

--

Daniel LaLiberte

dlaliberte@Google.com   Cambridge MA

[Martin Husted Hartvig]

Yea, I have all those settings, and my stuff work on 45.2 and below - just like in the example with rows like:

dataTable.addRows([ ['USA', createCustomHTMLContent('https://upload.wikimedia.org/wikipedia/en/a/a4/Flag_of_the_United_States.svg', 46, 29, 29), 46, 29, 29], ['China', createCustomHTMLContent('https://upload.wikimedia.org/wikipedia/commons/f/fa/Flag_of_the_People%27s_Republic_of_China.svg', 38, 27, 23), 38, 27, 23], ['UK', createCustomHTMLContent('https://upload.wikimedia.org/wikipedia/commons/a/ae/Flag_of_the_United_Kingdom.svg', 29, 17, 19), 29, 17, 19] ]); 

Only thing is, that the datasource is JSON from the server. After the 46 release some html tags works, like <div>, but the javascript part, as taken from the documentation, doesn't work anymore.

[Daniel LaLiberte]

OK, now I am seeing problems on the Tooltips documentation page.  I'm not sure yet exactly what is failing, but I'll be looking into it.  

Insertion of a "script" tag in your tooltip HTML is probably disabled, and that is probably necessary because dynamically constructed scripts could do virtually anything. We'll have to provide another way to get a similar effect, by allowing you to bind static scripts to your dynamic HTML.

To view this discussion on the web visit https://groups.google.com/d/msgid/google-visualization-api/84dd4cad-ca4f-41c5-a03d-84ab8c92c1b7n%40googlegroups.com.

[Martin Husted Hartvig]

Great, that you'll look into it. And I tried inserting the javascript with a <script> but it just showed a tooltip something like a ', so you're right about that.