react-no-danger
NOTE: this rule is included the following rule sets:
reactfreshEnable full set in
deno.json:{
"lint": {
"rules": {
"tags": ["react"] // ...or "fresh"
}
}
}Enable full set using the Deno CLI:
deno lint --rules-tags=react # or ... deno lint --rules-tags=fresh
This rule can be explictly included to or excluded from the rules present in the current tag by adding it to the
include or exclude array in deno.json:{
"lint": {
"rules": {
"include": ["react-no-danger"],
"exclude": ["react-no-danger"]
}
}
}防止使用 dangerouslySetInnerHTML,如果使用不当可能导致 XSS 漏洞。
无效:
const hello = <div dangerouslySetInnerHTML={{ __html: "Hello World!" }} />;
有效:
const hello = <div>Hello World!</div>;