Dashboards & Visualizations

How do I display a token value unescaped in an HTML panel?

petom
Path Finder

I have the following simple dashboard in Simple XML format to test displaying of autogenerated html code. The html code is stored in a token.

<dashboard>
  <label>HTML Test</label>
  <init>
    <set token="testHtml"><![CDATA[<b>Hi there!</b>]]></set>
  </init>
  <row>
    <panel>
      <html>
        $testHtml|n$
      </html>
    </panel>
  </row>
</dashboard>

However, I am unable to display it as a proper HTML formatted output. It always gets escaped and I see raw HTML code instead of formatted text, meaning I get

<b>Hi there!</b>

instead of

Hi there!

According to the documentation for Tokens, syntax $token|n$ should return unescaped content, which I would assume, in my case, would be a raw HTML, which gets rendered by the browser.

Does anybody have experience with this?

I don't want to convert it to an HTML dashboard. I would like to use it Simple XML. And yes, I could upload a JavaScript, which could do it for me. But focus here is, why the documented syntax does not work.

0 Karma

alex_tc80
Explorer

Escaping prevents using a single <set token> to set multiple values on a multiple select box .
You need to use <set token> multiple times for each value to be set.

https://community.splunk.com/t5/Dashboards-Visualizations/pass-multiple-values-to-multiselect-box-fr... ) 

0 Karma

niketn
Legend

@petom using token to create HTML content in your dashboard could be dangerous (depending on how token is being set in the first place). Which is the reason why it is treated as string and html tag. You can use Simple XML JS extension to add HTML content using token through jquery. Refer to one of my older answers:

https://answers.splunk.com/answers/324828/render-html-code-from-search-result-in-splunk-dash.html

Also, as an alternate to avoid JS, instead of passing rich html content can you not just send the token text and have html panel with html formatting/tags that you need?

Refer to the following run anywhere code:

<dashboard>
  <label>Unescaped HTML code</label>
   <init>
     <set token="testHtml">Hi there</set>
   </init>
   <row>
     <panel>
       <html depends="$testHtml$">
        <b>$testHtml$</b>
       </html>
     </panel>
   </row>  
</dashboard>
____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

petom
Path Finder

@niketnilay, I don't really agree with you that the token value should be escaped in html regardless.
As per Splunk documentation, there is a token filter available in the form of $token|h$, which will make it secure by escaping html. There are also other filters available for other cases / requirements.

I fully understand if Splunk decided to make html escaping in html panel as a default token filter. However, $token|n$ filter says Prevents the default token filter from running. No characters in the token are escaped. and it does not work.
There can be cases, why we may want to apply no filters.

Regarding JS, I am fully aware of it and I have already done some development with it as well as I've done a dashboard fully in HTML format (with javascript of course), rather than Simple XML, before.
In this particular case I have some silly limitations of the project and I cannot really upload any resource files (images, javascript, etc.). So I am just sort of stuck with Simple XML.

As I mentioned in my question, focus is on pure Simple XML. And actually why the documented feature is not working.

Get Updates on the Splunk Community!

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...