mirror of
https://github.com/JamesIves/github-pages-deploy-action.git
synced 2023-12-15 20:03:39 +08:00
72 lines
1.8 KiB
JavaScript
72 lines
1.8 KiB
JavaScript
|
/**
|
||
|
* @fileoverview Prevent usage of dangerous JSX props
|
||
|
* @author Scott Andrews
|
||
|
*/
|
||
|
|
||
|
'use strict';
|
||
|
|
||
|
const docsUrl = require('../util/docsUrl');
|
||
|
const jsxUtil = require('../util/jsx');
|
||
|
|
||
|
// ------------------------------------------------------------------------------
|
||
|
// Constants
|
||
|
// ------------------------------------------------------------------------------
|
||
|
|
||
|
const DANGEROUS_MESSAGE = 'Dangerous property \'{{name}}\' found';
|
||
|
|
||
|
const DANGEROUS_PROPERTY_NAMES = [
|
||
|
'dangerouslySetInnerHTML'
|
||
|
];
|
||
|
|
||
|
const DANGEROUS_PROPERTIES = DANGEROUS_PROPERTY_NAMES.reduce((props, prop) => {
|
||
|
props[prop] = prop;
|
||
|
return props;
|
||
|
}, Object.create(null));
|
||
|
|
||
|
// ------------------------------------------------------------------------------
|
||
|
// Helpers
|
||
|
// ------------------------------------------------------------------------------
|
||
|
|
||
|
/**
|
||
|
* Checks if a JSX attribute is dangerous.
|
||
|
* @param {String} name - Name of the attribute to check.
|
||
|
* @returns {boolean} Whether or not the attribute is dnagerous.
|
||
|
*/
|
||
|
function isDangerous(name) {
|
||
|
return name in DANGEROUS_PROPERTIES;
|
||
|
}
|
||
|
|
||
|
// ------------------------------------------------------------------------------
|
||
|
// Rule Definition
|
||
|
// ------------------------------------------------------------------------------
|
||
|
|
||
|
module.exports = {
|
||
|
meta: {
|
||
|
docs: {
|
||
|
description: 'Prevent usage of dangerous JSX props',
|
||
|
category: 'Best Practices',
|
||
|
recommended: false,
|
||
|
url: docsUrl('no-danger')
|
||
|
},
|
||
|
schema: []
|
||
|
},
|
||
|
|
||
|
create(context) {
|
||
|
return {
|
||
|
|
||
|
JSXAttribute(node) {
|
||
|
if (jsxUtil.isDOMComponent(node.parent) && isDangerous(node.name.name)) {
|
||
|
context.report({
|
||
|
node,
|
||
|
message: DANGEROUS_MESSAGE,
|
||
|
data: {
|
||
|
name: node.name.name
|
||
|
}
|
||
|
});
|
||
|
}
|
||
|
}
|
||
|
|
||
|
};
|
||
|
}
|
||
|
};
|