search

kitajs / ts-html-plugin

🏛️ The Typescript LSP plugin to catch XSS vulnerabilities.
https://github.com/kitajs/html
MIT License
10 stars 2 forks source link

JSX.Element[] is considered as Xss prone element #27

Closed arthurfiorette closed 11 months ago

arthurfiorette commented 11 months ago

Example:

const postList: JSX.Element[] = posts.map((post) => (
    <li>
      <PostCard
        author={post.author.name}
        post={post}
        authored={userId === post.authorId}
      />
    </li>
  ));

return <>{postList}</>;
//        ~~~~~~~~     
// Usage of xss-prone content without `safe` attribute. https://kitajs.github.io/ts-html-plugin#k601ts(0 K601)