Closed adicco closed 11 months ago
A similar one which is also quite odd:
While in the EditableListItem
component:
error is string | undefined by the way, not an object.
If error may be a string, you should cast its value into a boolean first, !!error ?? ...
.
A similar one which is also quite odd:
The XSS detection tries at it best to determine the expression type. This <>{(async () => {})()}</>
syntax is pretty odd and you should not write code like that, please hoist this to the top of your function. (Tech expl: an async function casts the return type to Promise\map
calls were done because of its common usage, however I do not have time to implement this specific syntax.)
While in the EditableListItem component:
The EditableListItem component itself is xss safe, however the previous example cannot detect that is what will be returned inside the IIFE.
Thanks @arthurfiorette, I will try these various pointers. And good to know re: the type being cast to a string instead of the JSX.Element
I am encountering the following warning/error with the tsserver LSP:
error is
string | undefined
by the way, not an object. I would expect the exact opposite behaviour: no xss-prone warning on the "error" variable, but one on the p tag if it didn't have a safe attribute.Any thoughts? Thank you!