1
0
Fork 0
management/front/dkha-web-sz-main/node_modules/eslint-plugin-vue/lib/rules/no-v-html.js

34 lines
914 B
JavaScript
Raw Permalink Normal View History

2023-12-18 13:12:25 +08:00
/**
* @fileoverview Restrict or warn use of v-html to prevent XSS attack
* @author Nathan Zeplowitz
*/
'use strict'
const utils = require('../utils')
// ------------------------------------------------------------------------------
// Rule Definitionutilu
// ------------------------------------------------------------------------------
module.exports = {
meta: {
docs: {
description: 'disallow use of v-html to prevent XSS attack',
category: undefined,
url: 'https://github.com/vuejs/eslint-plugin-vue/blob/v4.7.1/docs/rules/no-v-html.md'
},
fixable: null,
schema: []
},
create (context) {
return utils.defineTemplateBodyVisitor(context, {
"VAttribute[directive=true][key.name='html']" (node) {
context.report({
node,
loc: node.loc,
message: "'v-html' directive can lead to XSS attack."
})
}
})
}
}