fix: prevent incident table horizontal overflow from long summaries (#6085)

Aladex · shahargl · web-flow · commit 2fc04deb8481 · 2026-03-18T09:31:12.000+02:00
Co-authored-by: Shahar Glazner &lt;shaharglazner@gmail.com&gt;
diff --git a/keep-ui/features/incidents/incident-list/ui/incidents-table.tsx b/keep-ui/features/incidents/incident-list/ui/incidents-table.tsx
@@ -196,12 +196,16 @@ export default function IncidentsTable({
               <FormattedContent
                 content={summary}
                 format="html"
-                className="text-pretty overflow-hidden overflow-ellipsis line-clamp-3"
+                plain
+                className="line-clamp-2 text-sm text-gray-500"
               />
             ) : null}
           </div>
         );
       },
+      meta: {
+        tdClassName: "overflow-hidden",
+      },
     }),
     columnHelper.accessor("alerts_count", {
       id: "alerts_count",
diff --git a/keep-ui/shared/ui/FormattedContent/FormattedContent.tsx b/keep-ui/shared/ui/FormattedContent/FormattedContent.tsx
@@ -38,21 +38,40 @@ function FormattedHTMLContent({
   );
 }
 
+const stripHtmlTags = (html: string) => {
+  return html.replace(/<[^>]*>/g, "").trim();
+};
+
 interface FormattedContentProps {
   content: string | null | undefined;
   format?: "markdown" | "html" | null;
   className?: string;
+  /**
+   * When true, strips all HTML/markdown tags and renders as plain text.
+   * Useful in table cells where line-clamp needs to work on inline text
+   * without block-level elements (like <p>) breaking the clamp.
+   */
+  plain?: boolean;
 }
 
 export const FormattedContent: FC<FormattedContentProps> = ({
   content,
   format,
   className,
+  plain,
 }) => {
   if (!content) {
     return null;
   }
 
+  if (plain) {
+    return (
+      <div className={clsx("whitespace-normal", className)}>
+        {stripHtmlTags(content)}
+      </div>
+    );
+  }
+
   if (format === "markdown") {
     return (
       <div
diff --git a/tests/e2e_tests/incidents_alerts_tests/test_xss_protection.py b/tests/e2e_tests/incidents_alerts_tests/test_xss_protection.py
@@ -110,12 +110,14 @@ def test_legit_html_content(
             "table[data-testid='incidents-table'] tbody tr",
             has_text=legit_html_incident["user_generated_name"],
         ).first
-        html_content = incident_row.inner_html()
-        assert "<h2>" in html_content, "H2 tag not found in HTML"
-        assert "<code>" in html_content, "Code tag not found in HTML"
+        # Incident list renders summaries as plain text (tags stripped) for
+        # proper CSS line-clamp. Verify text content is preserved.
+        text_content = incident_row.inner_text()
+        assert "Test Failure" in text_content, "Summary text not found"
         assert (
-            '<a href="https://google.com">' in html_content
-        ), "Link tag not found in HTML"
+            "test_csb_upload_send_two_times_same_sequence_number" in text_content
+        ), "Code text not found in summary"
+        assert "Google" in text_content, "Link text not found in summary"
     except Exception:
         save_failure_artifacts(browser, log_entries=[])
         raise
