@nicobytes nicobytes commented Jan 16, 2026

This pull request updates the Open Graph preview and text count components to improve user experience and maintain consistency across legacy and new edit modes. It introduces a new text counter for the old editor, ensures fallback images for OG previews, and applies minor style enhancements.

Text Counter Improvements:

  • Added a new version of the text counter for the old editor, with improved layout, live character counting, and color feedback when exceeding the recommended maximum (text-count_old.vtl).
  • Updated the main text count template to conditionally load either the new or old version based on the edit mode, ensuring compatibility and consistent behavior (text_count.vtl).

Open Graph Preview Enhancements:

  • Changed the OG image preview logic to display a placeholder image if no image is set, improving the visual feedback for users (og_preview_new.vtl).
  • Added a text color style to the OG preview description for better readability in the old preview template (og_preview_old.vtl).

This PR fixes: #34029

Copilot AI left a comment

Pull request overview

This pull request enhances the Open Graph preview and text count components for dotCMS's content editor by introducing a new text counter for the legacy editor and improving the OG preview fallback behavior.

Changes:

  • Added a routing template (text_count.vtl) that conditionally loads either the new or old text counter based on edit mode
  • Created new text counter implementations for both new (text_count_new.vtl) and legacy (text-count_old.vtl) editors with live character counting and color feedback
  • Updated OG preview to show a placeholder image when no image is set (og_preview_new.vtl)
  • Added text color styling to the OG preview for better readability (og_preview_old.vtl)

Reviewed changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 3 comments.

| File | Description |
| --- | --- |
| text_count.vtl | Router template that conditionally includes the appropriate text counter based on edit mode |
| text_count_new.vtl | New text counter implementation using modern DotCustomFieldApi with module script |
| text-count_old.vtl | Legacy text counter implementation using legacy DotCustomFieldApi methods |
| og_preview_new.vtl | Updated to use external placeholder image when no OG image is set |
| og_preview_old.vtl | Added color styling to the preview host element |

erickgonzalez and others added 3 commits January 20, 2026 09:37
@semgrep-code-dotcms-test
Semgrep found 6 ssc-4fd3a3fc-acff-4277-9d88-60469f5a4fa5 findings:

  • core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/dot-analytics-dashboard.component.ts
  • core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/components/dot-analytics-sparkline/dot-analytics-sparkline.component.ts
  • core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/components/dot-analytics-platforms-table/dot-analytics-platforms-table.component.ts
  • core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/components/dot-analytics-dashboard-metrics/dot-analytics-dashboard-metrics.component.ts
  • core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/components/dot-analytics-dashboard-metrics/dot-analytics-dashboard-metrics.component.spec.ts
  • core-web/libs/portlets/dot-analytics/portlet/src/lib/dot-analytics-dashboard/components/dot-analytics-dashboard-engagement-report/dot-analytics-dashboard-engagement-report.component.ts

Risk: Affected versions of @angular/compiler and @angular/core are vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). Angular's template compiler fails to classify the href and xlink:href attributes on SVG <script> elements as Resource URL contexts. This allows an attacker to bind a malicious data: URI or external script via [attr.href] or [attr.xlink:href], resulting in arbitrary JavaScript execution (XSS) in the victim's browser.

Fix: Upgrade this library to at least version 20.3.16 at core/core-web/yarn.lock:512.

Reference(s): GHSA-jrmj-c5cx-3cw6, CVE-2026-22610

If this is a critical or high severity finding, please also link this issue in the #security channel in Slack.
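
A lockfile check for the finding above, as an added example that is not part of the PR, dotCMS or Semgrep: it reads yarn.lock text and classifies `@angular/compiler` and `@angular/core` entries against the fixed version 20.3.16 stated in the finding. The sample lockfile is constructed, and because the page names a fixed version only for 20.x, entries on other major lines are reported as unassessed rather than judged.

```javascript
// Added example (not dotCMS or Semgrep code). FIXED is the version named in the finding.
const FIXED = [20, 3, 16];
const PACKAGES = new Set(['@angular/compiler', '@angular/core']);

// Constructed sample lockfile: classic and berry entry styles mixed on purpose.
const SAMPLE = `# constructed sample, not the project's real yarn.lock
"@angular/compiler@20.3.15":
  version "20.3.15"
  resolved "https://registry.example/compiler.tgz"

"@angular/core@^20.3.0", "@angular/core@20.3.16":
  version "20.3.16"

"@angular/core@npm:21.0.0":
  version: 21.0.0

rxjs@^7.8.0:
  version "7.8.1"
`;

// Compare two [major, minor, patch] arrays; negative when a < b.
function cmp(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

// Return [{name, version, status}] for the Angular packages in the finding.
function auditLock(text) {
  const results = [];
  let current = null; // package name of the entry currently being read
  for (const line of text.split(/\r?\n/)) {
    if (/^\S/.test(line) && !line.startsWith('#')) {
      // Entry header: take the first descriptor and cut at the last '@'.
      const first = line.replace(/:\s*$/, '').split(',')[0].trim().replace(/^"|"$/g, '');
      const at = first.lastIndexOf('@');
      current = at > 0 ? first.slice(0, at) : null;
      continue;
    }
    const m = /^\s+version:?\s+"?(\d+)\.(\d+)\.(\d+)([-+][^"\s]*)?"?\s*$/.exec(line);
    if (!m || !PACKAGES.has(current)) continue;
    const v = m.slice(1, 4).map(Number);
    const pre = (m[4] || '').startsWith('-'); // a pre-release sorts below its release
    let status = 'unassessed';                // no fixed version given for other majors
    if (v[0] === FIXED[0]) {
      const c = cmp(v, FIXED);
      status = c < 0 || (c === 0 && pre) ? 'below-fix' : 'ok';
    }
    results.push({ name: current, version: v.join('.') + (m[4] || ''), status });
  }
  return results;
}

console.log(auditLock(SAMPLE));
```
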

@erickgonzalez erickgonzalez added this pull request to the merge queue Jan 22, 2026
Merged via the queue into main with commit 0a7a7fc Jan 22, 2026
38 checks passed
@erickgonzalez erickgonzalez deleted the 34029-vtl-errors branch January 22, 2026 19:47

Successfully merging this pull request may close these issues.

[TASK] Migrate "Pages" VTLs to new API
