search

kitajs / ts-html-plugin

🏛️ The Typescript LSP plugin to catch XSS vulnerabilities.
https://github.com/kitajs/html
MIT License
10 stars 2 forks source link

`{check && <div />}` throws XSS error #24

Closed arthurfiorette closed 11 months ago

arthurfiorette commented 11 months ago

{check && <div />} throws XSS error and should not

Firerer commented 11 months ago

my current work around is {check ? <div /> : ""} :(

arthurfiorette commented 11 months ago

{check && (<div />)} also works

arthurfiorette commented 11 months ago

Fixed!

Firerer commented 11 months ago

I'm still getting the same error with <div>{true && <div></div>}</div> using the latest version, but { true && <div />; } works fine.

❯ node -v && pnpm -v
v20.5.1
8.5.1

"@kitajs/ts-html-plugin": "^1.3.1", "@kitajs/html": "^3.0.8",

arthurfiorette commented 11 months ago

Conditions like text !== '/' ? && <div /> also does not work

arthurfiorette commented 11 months ago

I think its fixed now.