AppScan reports issue with innerHTML

[davidnixon]

This is a tricky one to fix dur to the testing required to make sure nothing is broken.

This affects _CvSvg and CvDatePicker. AppScan report "Insecure Use of InnerHTML or OuterHTML"
This is a false positive report but it would be best to remove reference to innerHTML if possible.

In certain cases CvDatePicker, which is a wrapper around flatpicker, is removing white space from the innerHTML with

currentItem.innerHTML = currentItem.innerHTML.replace(/\s+/g, '');

This needs some testing to see if this can just be removed.

In _CvSvg the svg content is added to the component via innerHTML. There is probably a clearer way to do this.

[github-actions]

This issue has been marked as stale because it has required additional
info or a response from the author for over 14 days. When you get the
chance, please comment with the additional info requested.
Otherwise, this issue will be closed in 14 days.

[github-actions]

This issue has been marked as stale because it has required additional
info or a response from the author for over 14 days. When you get the
chance, please comment with the additional info requested.
Otherwise, this issue will be closed in 14 days.