Closed mozfreddyb closed 4 years ago
See https://github.com/mozilla/eslint-plugin-no-unsanitized/blob/e3efa339e8a0aa1e4702af42db85008a20d8ea2c/lib/ruleHelper.js#L9-10
// names of escaping functions that we acknowledge const VALID_ESCAPERS = ["Sanitizer.escapeHTML", "escapeHTML"]; const VALID_UNWRAPPERS = ["Sanitizer.unwrapSafeHTML", "unwrapSafeHTML"];
when instead we should remove it here and put it into the default configuration.
People can then override it and have better control of what they actually want to allow This would not be a breaking change.
I've also noticed that we dont have tests for custom escapers (which is probably a super common use case :scream: )
I've also noticed that we dont have tests for custom escapers (which is probably a super common use case scream )
Issue #108
See https://github.com/mozilla/eslint-plugin-no-unsanitized/blob/e3efa339e8a0aa1e4702af42db85008a20d8ea2c/lib/ruleHelper.js#L9-10
when instead we should remove it here and put it into the default configuration.
People can then override it and have better control of what they actually want to allow This would not be a breaking change.
I've also noticed that we dont have tests for custom escapers (which is probably a super common use case :scream: )