4 files changed +25 -40
lines changed Original file line number Diff line number Diff line change 11reviews :
2- path_filters : ["**/*.yml ","**/*.yaml "]
2+ path_filters : ["**/*","*"]
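Review bot: the new `path_filters` value on line 2, `["**/*","*"]`, matches every path, so reviews are no longer scoped to YAML files at all. If the aim is to bring the JavaScript test file and the rule file from this commit into scope, add patterns for those file types next to the existing `**/*.yml` and `**/*.yaml` entries instead of replacing them with a catch-all, and say in the commit message why the scope changed.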
This file was deleted.
Original file line number Diff line number Diff line change 1+ function TestComponent ( ) {
2+ // ruleid:react-dangerouslysetinnerhtml
3+ return < div dangerouslySetInnerHTML = { createMarkup ( ) } /> ;
4+ }
5+
6+ function OkComponent ( ) {
7+ // OK
8+ const discordClientKey = '8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ' ;
9+ return { __html : 'Первый · Второй' } ;
10+ }
11+
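Review bot: line 8 adds an unused string literal, `discordClientKey = '8dyfuiRyq=vVc3RRr_edRk-fK__JItpZ'`, that reads as a credential and has nothing to do with the `dangerouslySetInnerHTML` case this file tests. If it is a live value, revoke it and remove it from the commit; if it is a fixture, replace it with an obvious placeholder or drop it. Separately, the annotation on line 2 names `react-dangerouslysetinnerhtml` while the rule added in this commit has the id `docs-react-dangerouslysetinnerhtml`, and the bare `// OK` on line 7 carries no rule id, so neither annotation is tied to the rule under test. Use the rule's exact id in both.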
Original file line number Diff line number Diff line change 11rules :
2- - id : hardcoded-password
3- pattern : password = "$SECRET"
4- message : " Avoid hardcoded passwords"
5- severity : ERROR
6- languages : [python]
7- metadata :
8- category : security
2+ - id : docs-react-dangerouslysetinnerhtml
3+ languages :
4+ - typescript
5+ - javascript
6+ message : >
7+ Setting HTML from code is risky because it’s easy to inadvertently expose
8+ your users to a cross-site scripting (XSS) attack.
9+ pattern-either :
10+ - pattern : |
11+ <$X dangerouslySetInnerHTML=... />
12+ - pattern : |
13+ {dangerouslySetInnerHTML: ...}
14+ severity : WARNING
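Review bot: the `hardcoded-password` rule (old lines 2-8) is deleted outright rather than kept beside the new entry, which leaves the rule file with no secrets check in the same commit that adds a key-like literal to the test file. Keep it as its own item under `rules:` and append `docs-react-dangerouslysetinnerhtml` after it. The new rule also drops the `metadata:` block with `category: security` that the old one carried; add it back so the finding can still be filtered by category.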