Comment 11 for bug 1940450

I'm no JS expert, this is all pretty far out of my usual experience.

Our horizon package includes a lot of references to tooltips, they appear to come from both jquery and bootstrap, and it felt like a third in there but I've lost that thread.

Some uses of tooltips are static enough that they're obviously fine. Here's a bunch that aren't obviously fine, but I'm not sure if they're even the "right" tooltips. It's also possible for Python to emit automatic tooltip contents for an unknown number of inputs via the Cell class. Cell is used in FormsetCell, which is used in FormsetDataTableMixin, which is used in FormsetDataTable. I can't find any actual uses of FormsetDataTable. Is all this dead code or is it called by magic? (It would be a surprising amount of dead code if it's not actually used.)

If FormsetDataTable is being used in Horizon, does any of the data come from someone that shouldn't be writing raw HTML into the browser?

Do any of these use data that come from someone that shouldn't be writing raw HTML into the browser?

        <div ng-repeat="prop in ctrl.image.properties">
          <dt data-toggle="tooltip" title="{$ prop.name $}">{$ ctrl.resourceType.label(prop.name) $}</dt>
          <dd>{$ prop.value $}</dd>

          <div uib-accordion-group ng-repeat="container in cc.model.containers"
                           ng-class="{'panel-primary': container.name === cc.model.container.name}"
                           class="panel-default"
                           ng-click="cc.selectContainer(container)">
            <uib-accordion-heading>
             <div ng-click="cc.selectContainer(container)">
              <span class="hz-container-title truncate"
                    uib-tooltip="{$ container.name $}"
                    uib-tooltip-placement="top"
                    uib-tooltip-popup-delay="1000"
                    uib-tooltip-trigger="mouseenter">
                {$ container.name $}
              </span>

      <span class="radius secondary item"
            ng-repeat="facet in ctrl.currentSearch" ng-cloak="cloak" ng-class="{'server-side-item': facet.isServer}">
        <span data-toggle="tooltip" title="{$ ::strings.serverFacet $}"
           ng-class="{'fa fa-server': facet.isServer}"></span>
        <span data-toggle="tooltip" title="{$ ::strings.clientFacet $}"
           ng-class="{'fa fa-desktop': !facet.isServer}"></span>

       {% if forloop.first or forloop.counter0|divisibleby:6 %}
         <div class="row">
       {% endif %}
        <div class="d3_quota_bar col-lg-2 col-md-4 col-sm-4 col-xs-6">
          <div class="pie-chart-usage" data-used="{% quotapercent quota.used quota.max %}"></div>
          <div class="quota_title" title="{{ quota.name }}" data-toggle="tooltip"> {{ quota.name }}</div>
          <div class="quota_subtitle">

  <ul class="dropdown-menu">
    {% for option in options %}
      <li data-original-index="{{ forloop.counter0 }}"
        data-toggle="tooltip" data-placement="top"
        {% if option.3 %} title="{{ option.3 }}" {% endif %}>
          <a data-select-value="{{ option.0 }}"
          {% if option.2 %}
            {{ option.2|safe|default:'' }}
          {% endif %}>{{ option.1 }}</a>
      </li>
    {% endfor %}
  </ul>

class Cell(html.HTMLElement):
    """Represents a single cell in the table."""

    def __init__(self, datum, column, row, attrs=None, classes=None):
        self.classes = classes or getattr(self, "classes", [])
        super(Cell, self).__init__()
        self.attrs.update(attrs or {})

        self.datum = datum
        self.column = column
        self.row = row
        self.wrap_list = column.wrap_list
        self.inline_edit_available = self.column.update_action is not None
        # initialize the update action if available
        if self.inline_edit_available:
            self.update_action = self.column.update_action()
            self.attrs['data-cell-name'] = column.name
            self.attrs['data-update-url'] = self.get_ajax_update_url()
        self.inline_edit_mod = False
        # add tooltip to cells if the truncate variable is set
        if column.truncate:
            # NOTE(tsufiev): trying to pull cell raw data out of datum for
            # those columns where truncate is False leads to multiple errors
            # in unit tests
            data = getattr(datum, column.name, '') or ''
            if len(data) > column.truncate:
                self.attrs['data-toggle'] = 'tooltip'
                self.attrs['title'] = data
                if getattr(settings, 'INTEGRATION_TESTS_SUPPORT', False):
                    self.attrs['data-selenium'] = data
        self.data = self.get_data(datum, column, row)