remove html tags from name field in exported broker agencies family d…

…ata (#4957)

* remove html tags from name field in exported data

* Potential fix for code scanning alert no. 353253: DOM text reinterpreted as HTML

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Michael Karamanov <[email protected]>

* do not interpret dom node text as html

---------

Signed-off-by: Michael Karamanov <[email protected]>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

components/benefit_sponsors/app/views/benefit_sponsors/profiles/broker_agencies/broker_agency_profiles/_families.html.erb

@@ -60,6 +60,66 @@
             }
           },
           "columns": filteredColumnList,
+          "buttons": [
+            {
+              extend: 'copy',
+              exportOptions: {
+                format: {
+                  header: function(str) { return $("<div>" + str + "</div>").text().trim(); },
+                  body: function(data, row, column, node) {
+                    if (typeof data === 'string' && data.includes('<')) {
+                      return $(node).text().trim();
+                    }
+                    return data;
+                  }
+                },
+                columns: ':not(.col-actions)'
+              }
+            },
+            {
+              extend: 'excel',
+              exportOptions: {
+                format: {
+                  header: function(str) { return $("<div>" + str + "</div>").text().trim(); },
+                  body: function(data, row, column, node) {
+                    if (typeof data === 'string' && data.includes('<')) {
+                      return $(node).text().trim();
+                    }
+                    return data;
+                  }
+                },
+                columns: ':not(.col-actions)'
+              }
+            },
+            {
+              extend: 'csv',
+              exportOptions: {
+                format: {
+                  header: function(str) { return $("<div>" + str + "</div>").text().trim(); },
+                  body: function(data, row, column, node) {
+                    if (typeof data === 'string' && data.includes('<')) {
+                      return $(node).text().trim();
+                    }
+                    return data;
+                  }
+                },
+                columns: ':not(.col-actions)'
+              }
+            },
+            {
+              extend: 'print',
+              exportOptions: {
+                columns: ':not(.col-actions)'
+              },
+              customize: function(win) {
+                // Convert any HTML in the print view to plain text
+                $(win.document.body).find('table').find('td,th').each(function() {
+                  var $cell = $(this);
+                  $cell.text($cell.text().trim());
+                });
+              }
+            }
+          ],
           'dom': "<'d-flex align-items-center w-100 justify-content-between mb-4'" +
           "Bf" +
           ">" +
@@ -154,6 +214,66 @@
             }
           },
           "columns": filteredColumnList,
+          "buttons": [
+            {
+              extend: 'copy',
+              exportOptions: {
+                format: {
+                  header: function(str) { return $("<div>" + str + "</div>").text().trim(); },
+                  body: function(data, row, column, node) {
+                    if (typeof data === 'string' && data.includes('<')) {
+                      return $(node).text().trim();
+                    }
+                    return data;
+                  }
+                },
+                columns: ':not(.col-actions)'
+              }
+            },
+            {
+              extend: 'excel',
+              exportOptions: {
+                format: {
+                  header: function(str) { return $("<div>" + str + "</div>").text().trim(); },
+                  body: function(data, row, column, node) {
+                    if (typeof data === 'string' && data.includes('<')) {
+                      return $(node).text().trim();
+                    }
+                    return data;
+                  }
+                },
+                columns: ':not(.col-actions)'
+              }
+            },
+            {
+              extend: 'csv',
+              exportOptions: {
+                format: {
+                  header: function(str) { return $("<div>" + str + "</div>").text().trim(); },
+                  body: function(data, row, column, node) {
+                    if (typeof data === 'string' && data.includes('<')) {
+                      return $(node).text().trim();
+                    }
+                    return data;
+                  }
+                },
+                columns: ':not(.col-actions)'
+              }
+            },
+            {
+              extend: 'print',
+              exportOptions: {
+                columns: ':not(.col-actions)'
+              },
+              customize: function(win) {
+                // Convert any HTML in the print view to plain text
+                $(win.document.body).find('table').find('td,th').each(function() {
+                  var $cell = $(this);
+                  $cell.text($cell.text().trim());
+                });
+              }
+            }
+          ],
           'dom': "<'row'" +
           "<'col-sm-7 col-md-7'B><'col-sm-5 col-md-5'f>" +
           ">" +

project_gems/effective_datatables-2.6.14/app/assets/javascripts/dataTables/buttons/buttons.print.js

@@ -77,6 +77,9 @@ DataTable.ext.buttons.print = {
 	action: function ( e, dt, button, config ) {
 		// Function to remove href tags
 		function removeHrefTags(data) {
+			if (!data || typeof data !== 'string') {
+				return data || '';
+			}
 			return data.replace(/<a\b[^>]*>(.*?)<\/a>/gi, '$1');
 		}