Using .setAttribute should flag dangerous cases. We are missing the following examples:
var a=document.createElement("form"); a.setAttribute("action", "demo_form.asp"); document.body.appendChild(a);
var a = document.createElement("a"); a.setAttribute("href", "javascript:alert(0)"); document.body.appendChild(a);
iframe.setAttribute("mozapp", data.app);
var a = document.createElement("audio"); a.setAttribute("mozaudiochannel", data.app);
The following rules have pending tests relating to setAttribute:
This enhancement will be fixed post-1.0 release.
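
An added example (not from the original issue or the project's own rules) of a check that flags the setAttribute cases listed above. The attribute set, the regex-based matching in place of an AST walk, and the names `checkSetAttribute`, `SENSITIVE` and `SAMPLE` are assumptions made for illustration.

```javascript
// Attribute names taken from the issue's examples. Treating exactly this set
// as sensitive is an assumption of this example, not the project's rule list.
const SENSITIVE = new Set(["action", "href", "mozapp", "mozaudiochannel"]);

// Matches .setAttribute(<literal name>, <string literal | simple expression>).
// Limits: a non-literal attribute name or a value expression containing ")"
// is not matched; an AST-based rule would not have these gaps.
const CALL = /\.setAttribute\(\s*(["'])([\w-]+)\1\s*,\s*(?:(["'])((?:\\.|(?!\3).)*)\3|([^)]*?))\s*\)/g;

function checkSetAttribute(source) {
  const findings = [];
  for (const m of source.matchAll(CALL)) {
    const attribute = m[2].toLowerCase();
    if (!SENSITIVE.has(attribute)) continue;   // e.g. "title" is ignored
    const literal = m[4];                      // undefined when value is an expression
    let reason;
    if (literal === undefined) {
      reason = "dynamic value";                // e.g. data.app, origin unknown
    } else if (/^\s*javascript:/i.test(literal)) {
      reason = "javascript: URL";
    } else {
      reason = "literal value";                // constant, but still a sensitive sink
    }
    findings.push({ attribute, value: literal ?? m[5].trim(), reason });
  }
  return findings;
}

// Constructed input: the four snippets from the issue plus one benign call.
const SAMPLE = [
  'var a=document.createElement("form"); a.setAttribute("action", "demo_form.asp");',
  'var b = document.createElement("a"); b.setAttribute("href", "javascript:alert(0)");',
  'iframe.setAttribute("mozapp", data.app);',
  'var c = document.createElement("audio"); c.setAttribute("mozaudiochannel", data.app);',
  'c.setAttribute("title", "hello");',
].join("\n");

for (const f of checkSetAttribute(SAMPLE)) {
  console.log(`${f.attribute}: ${f.reason} (${f.value})`);
}
```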