Ashwin Ramaswami

> Does oneOf automatically select the option based on initial formData? oneOf _should_ do so.

@dekelb just thought of another thing -- what if someone inputs `dangerouslySetInnerHTML` into ui:props? This is essentially a security vulnerability if someone allows users to edit uiSchemas. I'm thinking it...

We need to add a whitelist for allowed props. See [how it was done with the fluent ui theme](https://github.com/rjsf-team/react-jsonschema-form/blob/master/packages/fluent-ui/src/TextWidget/TextWidget.tsx#L7-L44).

> Why would that someone not validate and escape user input correctly as you would always do it with any kind of user input? One use case of react-jsonschema-form is...

> While this one is seems to be dead, can you pass rest props to all components like you do here https://github.com/rjsf-team/react-jsonschema-form/blob/master/packages/material-ui/src/TextWidget/TextWidget.tsx#L53 It should be safe enough in this case...

Ok. Why do you think it would be safe enough in this case?

> Yeah it does. Wasn't sure if it aligned with the rest of the project. Ideally, this is a core file change, and every theme not using it would also...

Yes, we still use UNSAFE_componentWillReceiveProps in 2.0 -- the only thing that was fixed was removing a few instances of this method, and mostly just renaming componentWillReceiveProps -> UNSAFE_ componentWillReceiveProps....

@jimmycallin has a slightly more complex PR https://github.com/rjsf-team/react-jsonschema-form/pull/2010 that does this, though maybe https://github.com/mrjuan1/react-jsonschema-form/commit/0dd427d5368db4ca9458c77fca79887d48a0d748 would just work as a simpler solution instead? What do you think @jimmycallin ?

@Viswanathan24 can you post your schema and the form data? Ideally a link to a [playground example](https://rjsf-team.github.io/react-jsonschema-form/) would be best.