Document usage of custom escape methods

[LukeWood]

Any example of this can be found here: https://github.com/mozilla/eslint-plugin-no-unsanitized/blob/master/tests/rules/property.js#L142

Is it possible to get documentation showing an example of this in an eslint rc?

[mozfreddyb]

Yeah, that's a variation of docs/rules/customization.md, which is admittedly full of TODOs.

• the property methods specifies a list of functions that accept a string a return a sanitized string.
• the property taggedTemplates specifices a list of functions that are used with tagged template strings (e.g., myHTMLTemplate`<p>${hello}</p>`;). Those should also return a sanitized string

I hope this will do:

{
    "plugins": ["no-unsanitized"],
    "rules": {
        "no-unsanitized/method": [
            "error",
            {
                escape: {
                    methods: ["myHTMLEscape"]
                    taggedTemplates: ["myHTMLTemplate"]
                }
            },
        ],
        "no-unsanitized/property": [
            "error",
            {
                escape: {
                    methods: ["myHTMLEscape"]
                    taggedTemplates: ["myHTMLTemplate"]
                }
            },
        ]
    }
}

[LukeWood]

Thanks for your quick response Frederik!