-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve documentation for supplying valid escape/sanitize functions #205
Comments
We allow custom sanitizers through configurations. eslint-plugin-no-unsanitized/tests/rules/property.js Lines 154 to 164 in d50ae4d
Does that not work for you? |
@mozfreddyb Thanks for your comment. Could you please tell me how to add it exactly to the configuration? I tried to add this line to the eslint rules:
OR
but I am still getting the same eslint error: |
In your example, you're modifying the options of the You also need to do this for the |
@Abdullilah Did you end up resolving your issue? I'm leaning towards closing this issue. |
This works but only when done this way
|
Looks like everything works as intended here. We can repurpose the issue, if someone wants to update the documentation though. |
It would be good if this plugin excluded the code which is sanitised by the sanitize function from the DomSanitizer.
Example:
this.hostElement.innerHTML = content;
this is unsanitized content which makes sense for the plugin to complain about it, but when we sanitise the content:
this.hostElement.innerHTML = <string>this.domSanitizer.sanitize(SecurityContext.HTML, content);
I am still getting Eslint unsafe assignment even though the content I am adding is fully sanitised.
Could you please have a look and add this improvement to the plugin?
The text was updated successfully, but these errors were encountered: