Handsontable 15.3.0: CSV Sanitization, Accessibility Updates, and 30+ Fixes

Beata Mówka Release Notes / April 29, 2025

With this release, we bring improved CSV-export sanitization, improved focus behavior with auto-scroll support for accessibility, and a ~40% reduction in initialization time when both formulas and the AutoColumnSize option are used together. We’ve also addressed over 30 minor and major issues while maintaining complete backward compatibility.

And that’s not all – we’re proud to introduce our brand-new Figma Handsontable Design System, with ready-made, customizable components to help you build modern data grids faster.

CSV Exports Sanitization

We’ve introduced content sanitization for the export to CSV functionality (#1592), protecting users from potential CSV injection vulnerabilities. This new feature adds a configurable sanitizeValues option to the exportPlugin.downloadFile API, giving you control over value sanitization during CSV exports, and offering flexible data protection methods:

  • Set sanitizeValues to true to sanitize values automatically according to OWASP recommendations.
  • Provide a regular expression to escape any values matching your specified pattern.
  • Provide a function to apply custom sanitization logic tailored to your needs.
  • Leave sanitizeValues unset or set it to false to skip sanitization and maintain backward compatibility.

This addition is especially important for applications that allow users to export potentially untrusted data, helping to prevent formula injection attacks that could be triggered when opening CSV files in spreadsheet applications.

For more details, check out our updated Export to CSV guide.
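
As an added illustration (not Handsontable's own code), the following stand-alone JavaScript models how the four sanitizeValues modes described above could treat cell values, using OWASP's CSV-injection rule for the true case. The function names, the single-quote escaping applied in the RegExp case, and the sample rows are assumptions made for this example.

```javascript
// Added example: a model of the sanitizeValues modes, not Handsontable's code.
// All function names here are hypothetical.

// OWASP rule: a cell starting with = + - @ TAB or CR may be run as a formula.
const FORMULA_TRIGGER = /^[=+\-@\t\r]/;

// Prefix a single quote so the spreadsheet reads the cell as text.
const escapeCell = (text) => `'${text}`;

function sanitizeCell(value, sanitizeValues) {
  const text = value === null || value === undefined ? '' : String(value);
  if (typeof sanitizeValues === 'function') {
    return String(sanitizeValues(text)); // custom logic decides the output
  }
  const pattern = sanitizeValues === true ? FORMULA_TRIGGER : sanitizeValues;
  if (pattern instanceof RegExp) {
    pattern.lastIndex = 0; // a /g or /y pattern keeps state between test() calls
    return pattern.test(text) ? escapeCell(text) : text;
  }
  return text; // unset or false: value exported unchanged
}

// RFC 4180 quoting: wrap every field in quotes and double embedded quotes,
// so commas and quotes in a value cannot start a new field.
const toCsvField = (text) => `"${text.replace(/"/g, '""')}"`;

function exportCsv(rows, sanitizeValues) {
  return rows
    .map((row) => row.map((cell) => toCsvField(sanitizeCell(cell, sanitizeValues))).join(','))
    .join('\r\n');
}

// Constructed sample data: one formula-like cell, one negative number.
const sampleRows = [
  ['name', 'note'],
  ['alice', '=1+1'],
  ['bob', -42],
];

console.log(exportCsv(sampleRows, false)); // "=1+1" reaches the file as-is
console.log(exportCsv(sampleRows, true)); // "'=1+1" and "'-42" are exported as text
```

In this model the true mode also escapes negative numbers such as -42, which is one reason a narrower RegExp or a function may suit numeric exports better.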

Improved Auto-Scroll Support

We’ve resolved the accessibility issue where the viewport failed to scroll to keep keyboard-focused cells visible. Previously, when navigating through the grid using keyboard shortcuts like CTRL/CMD + Arrow, the focused cell could move outside the visible area (viewport), leaving users confused. This issue was common in:

  • Tables with unspecified height (or set to ‘auto’)
  • Tables with a specified height larger than the viewport
  • Long tables requiring extensive scrolling

Now, the viewport automatically scrolls to keep the currently focused cell in view, so whether you’re jumping to the bottom of a large dataset or navigating cell-by-cell through your table, you’ll always be able to see where you are.

Faster Initialization with Formulas

Version 15.3.0 introduces a significant performance improvement for Handsontable instances using both the formulas and the AutoColumnSize option. In our internal benchmark, a table containing 180,000 cells initialized in 2291ms, compared to 4162ms in the previous version, a 45% reduction in initialization time.

New Design System

After months of work, we’re thrilled to announce that our Handsontable Design System is now available on the Figma Community! What began as an internal file for developing our new theming has grown into a fully-fledged, publicly available system. We believe it will reduce the time needed to integrate Handsontable’s theming into your own design system. Our Figma file also includes a section showcasing components planned for future Handsontable releases, giving you a glimpse of what’s ahead.

For more details, explore our documentation, Figma file, and Theme Generator on GitHub.

The day of the Handsontable Design System release at our HQ.

Special thanks to Marek Martuszewski for his incredible attention to detail and tireless work in bringing the new Design System to life!

Highlighted Improvements

This release fixes a range of UI and usability issues, improving stability and consistency. Here are a few notable updates included in this version:

  • We’ve fixed the unwanted space between dropdown list items and the scrollbar when using dropdown or autocomplete cell types with more than 10 options and a defined height in version 15.2.0+. Dropdowns now look cleaner and consistent across all themes — Classic, Main, and Horizon. (#11589)
  • To improve table layout stability, we’ve corrected the miscalculation of row heights when the autoRowSize plugin is enabled. Rows now size properly across all themes. (#11557)
  • We’ve also improved submenu alignment for context menus, ensuring that submenus open correctly even on wider viewports. (#11505)
  • To make undo and redo operations more reliable, we’ve fixed inconsistencies between visual and physical row indexes during undo/redo actions. With this fix, Handsontable now correctly restores both the data and table structure, preventing data loss and ensuring a more predictable experience, especially for users who frequently reorganize their tables. (#11515)

Release Notes

Added

  • Added a missing boolean type to the editor in the React wrapper. #11514
  • Fixed the Comments plugin for IME editing and added a new beforeCompositionstart hook. #11521
  • Added horizontal scroll to the Filter’s “by value” component. #11561
  • Added optional formula sanitization for CSV export to prevent CSV Injection attacks. #11592

Changed

  • Improved the initialization time of Handsontable with Formulas enabled. #11474
  • Changed the size of the Manual Row Resize and Manual Column Resize guide lines. #11507
  • Improved the viewport scrolling behavior. #11577

Fixed

  • Fixed an issue with the NestedRows plugin duplicating rows when moving child rows. #11362
  • Fixed an issue with row resize line alignment and resize handle flickering. #11500
  • Fixed an issue with the Autocomplete caret position after using scroll on a list of choices and a problem with the dropdown width. #11503
  • Fixed submenu positioning for all themes. #11505
  • Fixed a problem where re-enabling the Hidden Columns configuration caused an error to be thrown if a selection was a part of the hidden range. #11508
  • Fixed an issue with empty parentNode in the table’s getCords method. #11509
  • Improved Undo/Redo actions for removing rows and columns. #11515
  • Fixed rows’ height calculations for merged cells on Safari. #11517
  • Fixed missing (incorrect) render call after dataset change. #11529
  • Fixed an issue with the mobile keyboard closing after clicking the filter search input on Android devices. #11532
  • Fixed a problem with multiple row header levels being rendered in reverse order. #11533
  • Fixed TypeError error for the AutoRowSize plugin. #11537
  • Allowed changing the selection after a filter is applied. #11538
  • Fixed a problem with the Autocomplete editor rendering very slowly when provided with a long list of choices. #11552
  • Fixed an issue with focus catcher accessibility. #11553
  • Fixed TypeError error being thrown after removing rows on the bottom overlay. #11555
  • Fixed calculating the first row height. #11557
  • Fixed an issue with highlighting the cell after calling updateData. #11558
  • Fixed the “unmerge cells” action triggered from keyboard shortcut. #11559
  • Fixed the left/right-arrow shortcuts for menus when the table was configured with layoutDirection: rtl. #11562
  • Fixed an issue with duplicate boolean values in the filters. #11563
  • Fixed an issue with data source for non-string values in the name property. #11565
  • Fixed settings object not being updated after adding new hooks. #11566
  • Fixed a problem with the table rendering all rows when it’s configured to have 0px height. #11567
  • Fixed copy/paste/cut functionalities for web components. #11572
  • Fixed the allowInvalid option (both true and false) for the Dropdown Editor. #11587
  • Fixed a problem with deprecation warnings being thrown when using Context Menu’s Undo and Redo items. #11588
  • Fixed an error being thrown when editing Autocomplete-typed cells with a long list of choices rendered in a small container. #11589
  • Ensured that there’s a single @charset entry in the classic theme’s CSS files, and that it’s placed at the beginning of those files. #11591

How to Upgrade

  • JavaScript: npm install handsontable
  • React: npm install handsontable @handsontable/react-wrapper
  • Class-based wrapper for React: npm install handsontable @handsontable/react
  • Angular: npm install handsontable @handsontable/angular
  • Vue: npm install handsontable @handsontable/vue3
  • Download from NuGet
  • View and clone on GitHub
  • Import from public CDN: jsDelivr, UNPKG

If you stumble across problems while updating, use one of the following support channels:

If your commercial support plan is active, our dedicated tech support team is ready to help – just email support@handsontable.com or use this contact form for assistance.