eslint-plugin-github/tests/no-inner-html.js at 8a0b80cc513587a315ac6a6653a0900bc97746cf · github/eslint-plugin-github · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
const rule = require('../lib/rules/no-inner-html')
const RuleTester = require('eslint').RuleTester

const ruleTester = new RuleTester()

ruleTester.run('no-innter-html', rule, {
  valid: [
    {
      code: 'document.createElement("js-flash-text").textContent = ""'
    },
    {
      code: 'document.createElement("js-flash-text").textContent = "foo"'
    }
  ],
  invalid: [
    {
      code: 'document.createElement("js-flash-text").innerHTML = "foo"',
      errors: [
        {
          message: 'Using innerHTML poses a potential security risk and should not be used. Prefer using textContent.',
          type: 'Identifier'
        }
      ]
    },
    {
      code: 'document.querySelector("js-flash-text").innerHTML = "<div>code</div>"',
      errors: [
        {
          message: 'Using innerHTML poses a potential security risk and should not be used. Prefer using textContent.',
          type: 'Identifier'
        }
      ]
    },
    {
      code: 'document.querySelector("js-flash-text").innerHTML = ""',
      errors: [
        {
          message: 'Using innerHTML poses a potential security risk and should not be used. Prefer using textContent.',
          type: 'Identifier'
        }
      ]
    }
  ]
})