Skip to content

TASK-8059 - Allow to export Report to a Word Document #1052

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jmjuanes wants to merge 16 commits into
base: TASK-7645
Choose a base branch
from
Open

TASK-8059 - Allow to export Report to a Word Document #1052

jmjuanes wants to merge 16 commits into from

Conversation

@jmjuanes
Copy link
Member

@jmjuanes jmjuanes commented Dec 18, 2025

No description provided.

jmjuanes and others added 15 commits December 4, 2025 10:54
@jmjuanes
iva: update configuration file #TASK-8059
76ee0fd
@jmjuanes
Merge branch 'TASK-7645' into TASK-8059
37cebac
@jmjuanes
wc: new dropdown menu in clinical report preview #TASK-8059
2c54472
@jmjuanes
wc: fix editing report template in clinical-report-preview #TASK-8059
f46d715
@jmjuanes
pkg: update dependencies in package.json #TASK-8059
d75be6e
@jmjuanes
core: extract method to download a blob as a file in utilsnew #TASK-8059
ca0a353
@jmjuanes
wc: minor code clean in data-form #TASK-8059
1bda0e8
@jmjuanes
wc: initialize word conversion utils #TASK-8059
13da26c
@jmjuanes
wc: integrate converting to word in clinical report preview #TASK-8059
7c3eddb
@jmjuanes
Merge branch 'TASK-8059' of github.com:opencb/jsorolla into TASK-8059
48c66a6
@imedina @jmjuanes
wc: new word-builder component
5f99923
@imedina @jmjuanes
Enhance WordBuilder to support custom styling for text runs and parag…
83de3e3 
…raphs. Added methods to parse CSS styles and apply them to Word document elements, including support for font properties, colors, and background styles. Updated existing methods to utilize new styling capabilities for titles, descriptions, and list items.
@jmjuanes
wc: remove unused word-utils module #TASK-8076
ddc71cb
@jmjuanes
wc: integrate word builder info clinical report preview #TASK-8076
d75b3d6
@jmjuanes
pkg: remove unused dependencies in package.json #TASK-8091 #TASK-8059
b0d4ff6
Copilot AI reviewed Dec 18, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 100 out of 176 changed files in this pull request and generated 2 comments.

Comments suppressed due to low confidence (1)

src/webcomponents/file/file-delete.js:1

  • Debugger statement should be removed before merging to production code.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

src/webcomponents/commons/forms/word-builder.js
Comment on lines +297 to +305
#htmlToPlainText(html) {
if (typeof html !== "string") {
return String(html ?? "");
}
// Use DOMParser to strip HTML tags while keeping text content
const parser = new DOMParser();
const doc = parser.parseFromString(html, "text/html");
return doc.body.textContent || "";
}
Copy link

Copilot AI Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using DOMParser with unsanitized HTML could be a security concern. Consider validating or sanitizing the HTML input before parsing to prevent potential XSS attacks.

Copilot uses AI. Check for mistakes.
src/webcomponents/commons/forms/word-builder.js
Comment on lines +337 to +339
// Fetch remote image and embed
try {
const imageRun = await this.#remoteUrlToImageRun(src, child);
Copy link

Copilot AI Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fetching images from remote URLs without validation could pose security risks. Consider implementing URL validation or using a whitelist of allowed domains before fetching remote images.

Suggested change
// Fetch remote image and embed
try {
const imageRun = await this.#remoteUrlToImageRun(src, child);
// Validate and fetch remote image and embed
try {
const url = new URL(src, window.location?.origin || undefined);
// Only allow http/https protocols
if (url.protocol !== "http:" && url.protocol !== "https:") {
throw new Error("Disallowed image URL protocol");
}
// Optional hostname whitelist via wordConfig.allowedImageHosts
const allowedHosts = this.wordConfig?.allowedImageHosts;
if (Array.isArray(allowedHosts) && allowedHosts.length > 0 && !allowedHosts.includes(url.hostname)) {
throw new Error("Disallowed image host");
}
const imageRun = await this.#remoteUrlToImageRun(url.toString(), child);

Copilot uses AI. Check for mistakes.
@jmjuanes jmjuanes changed the base branch from develop to TASK-7645 December 19, 2025 09:32
@jmjuanes jmjuanes marked this pull request as draft December 19, 2025 09:33
@jmjuanes jmjuanes marked this pull request as ready for review December 19, 2025 09:33
gpveronica
gpveronica requested changes Dec 19, 2025
View reviewed changes
@gpveronica gpveronica self-requested a review December 19, 2025 13:22
@opencb opencb deleted a comment from imedina Dec 19, 2025
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 22, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot
3.3% Duplication on New Code (required ≤ 3%)

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@gpveronica gpveronica gpveronica approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jmjuanes @gpveronica @imedina