immediately releasing 0.1.6, to fix a bug that ignored outerHTML
Родитель
ab77e646a6
Коммит
e21287c386
|
@ -84,9 +84,9 @@ module.exports = function (context) {
|
|||
// the "exit" prefix ensures we know all subnodes already.
|
||||
if ("property" in node.left) {
|
||||
if (OPERATORS.indexOf(node.operator) !== -1) {
|
||||
if (node.left.property.name === ("innerHTML" || "outerHTML")) {
|
||||
if ((node.left.property.name === "innerHTML") || (node.left.property.name === "outerHTML")) {
|
||||
if (!allowedExpression(node.right, node.parent)) {
|
||||
context.report(node, "Unsafe assignment to innerHTML"); // report error
|
||||
context.report(node, "Unsafe assignment to "+node.left.property.name); // report error
|
||||
}
|
||||
}
|
||||
}
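Review bot: The new condition still reads only `node.left.property.name`, so a computed assignment such as `el["outerHTML"] = x`, where the property is a string literal carrying `value` rather than `name`, would appear to go unreported unless it is handled elsewhere in the rule. Consider resolving the name once, `var prop = node.left.computed ? node.left.property.value : node.left.property.name;`, then comparing and reporting on `prop`. That also removes the repeated `node.left.property.name` lookups in the condition and in the message. The enclosing handler starts and ends outside this hunk.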
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{
|
||||
"name": "eslint-plugin-no-unsafe-innerhtml",
|
||||
"description": "custom ESLint rule to disallows unsafe innerHTML, outerHTML and insertAdjacentHTML",
|
||||
"version": "0.1.5",
|
||||
"version": "0.1.6",
|
||||
"author": {
|
||||
"name": "Frederik Braun"
|
||||
},
|
||||
|
|
|
@ -72,6 +72,10 @@ eslintTester.addRuleTest("lib/rules/no-unsafe-innerhtml", {
|
|||
code: "i.innerHTML += Sanitizer.unwrapSafeHTML(htmlSnippet)",
|
||||
ecmaFeatures: { templateStrings: true }
|
||||
},
|
||||
{
|
||||
code: "i.outerHTML += Sanitizer.unwrapSafeHTML(htmlSnippet)",
|
||||
ecmaFeatures: { templateStrings: true }
|
||||
},
|
||||
// tests for insertAdjacentHTML calls
|
||||
{
|
||||
code: "n.insertAdjacentHTML('afterend', 'meh');",
|
||||
|
@ -126,6 +130,15 @@ eslintTester.addRuleTest("lib/rules/no-unsafe-innerhtml", {
|
|||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
code: "m.outerHTML = htmlString;",
|
||||
errors: [
|
||||
{
|
||||
message: "Unsafe assignment to outerHTML",
|
||||
type: "AssignmentExpression"
|
||||
}
|
||||
]
|
||||
},
|
||||
// insertAdjacentHTML examples
|
||||
{
|
||||
code: "node.insertAdjacentHTML('beforebegin', htmlString);",
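Review bot: The added invalid case covers only plain `=` on outerHTML; the compound form is exercised just on the valid side (`i.outerHTML += Sanitizer.unwrapSafeHTML(htmlSnippet)`), so a regression that stops flagging `outerHTML +=` with unsanitized input would not be caught. Add a matching invalid entry, e.g. `{ code: "m.outerHTML += htmlString;", errors: [{ message: "Unsafe assignment to outerHTML", type: "AssignmentExpression" }] }`. The `ecmaFeatures: { templateStrings: true }` on the new valid case looks copied from the entry above, since the snippet contains no template string, and could be dropped. Both test arrays continue outside the hunks shown.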
|
||||
|
|