Bug 1351608 - Add eslint-plugin-no-unsanitized to eslint-plugin-mozilla. r=standard8
☠☠ backed out by ed5cc84d317f ☠ ☠
authorFrederik Braun <fbraun@mozilla.com>
Wed, 28 Jun 2017 12:47:36 -0700
changeset 417746 d95016c5fc991c075d10b4591491d50650a7c487
parent 417745 8c69b1e4d5a62688ac69657f926683adc04e8312
child 417747 1cd9e27f0fa16bd65edc431ca37bbcd5ad72b3bd
push id1517
push userjlorenzo@mozilla.com
push dateThu, 14 Sep 2017 16:50:54 +0000
treeherdermozilla-release@3b41fd564418 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersstandard8
bugs1351608
milestone56.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1351608 - Add eslint-plugin-no-unsanitized to eslint-plugin-mozilla. r=standard8 MozReview-Commit-ID: H7NaHioty7f
package.json
tools/lint/eslint/eslint-plugin-mozilla/lib/configs/recommended.js
tools/lint/eslint/eslint-plugin-mozilla/package.json
--- a/package.json
+++ b/package.json
@@ -2,17 +2,18 @@
   "name": "mozillaeslintsetup",
   "description": "This package file is for setup of ESLint only for editor integration.",
   "repository": {},
   "license": "MPL-2.0",
   "dependencies": {
     "escope": "^3.6.0",
     "eslint": "3.19.0",
     "eslint-plugin-html": "2.0.3",
-    "eslint-plugin-mozilla": "file:tools\\lint\\eslint\\eslint-plugin-mozilla",
+    "eslint-plugin-mozilla": "file:tools/lint/eslint/eslint-plugin-mozilla",
     "eslint-plugin-react": "6.10.3",
-    "eslint-plugin-spidermonkey-js": "file:tools\\lint\\eslint\\eslint-plugin-spidermonkey-js",
+    "eslint-plugin-spidermonkey-js": "file:tools/lint/eslint/eslint-plugin-spidermonkey-js",
+    "eslint-plugin-no-unsanitized": "2.0.1",
     "espree": "^3.4.0",
     "estraverse": "^4.2.0",
     "ini-parser": "^0.0.2",
     "sax": "^1.2.2"
   }
 }
--- a/tools/lint/eslint/eslint-plugin-mozilla/lib/configs/recommended.js
+++ b/tools/lint/eslint/eslint-plugin-mozilla/lib/configs/recommended.js
@@ -58,17 +58,18 @@ module.exports = {
   },
 
   "parserOptions": {
     "ecmaVersion": 8
   },
 
   // When adding items to this file please check for effects on sub-directories.
   "plugins": [
-    "mozilla"
+    "mozilla",
+    "no-unsanitized"
   ],
 
   // When adding items to this file please check for effects on all of toolkit
   // and browser
   "rules": {
     // Require spacing around =>
     "arrow-spacing": "error",
 
@@ -294,16 +295,21 @@ module.exports = {
     "no-unreachable": "error",
 
     // Disallow control flow statements in finally blocks
     "no-unsafe-finally": "error",
 
     // No (!foo in bar) or (!object instanceof Class)
     "no-unsafe-negation": "error",
 
+    // No unsanitized use of innerHTML=, document.write() etc.
+    // cf. https://github.com/mozilla/eslint-plugin-no-unsanitized#rule-details
+    "no-unsanitized/method": "error",
+    "no-unsanitized/property": "error",
+
     // No declaring variables that are never used
     "no-unused-vars": ["error", {
       "args": "none",
       "vars": "local",
       "varsIgnorePattern": "^Cc|Ci|Cu|Cr|EXPORTED_SYMBOLS"
     }],
 
     // No using variables before defined
--- a/tools/lint/eslint/eslint-plugin-mozilla/package.json
+++ b/tools/lint/eslint/eslint-plugin-mozilla/package.json
@@ -16,16 +16,17 @@
   "repository": {
     "type": "hg",
     "url": "https://hg.mozilla.org/mozilla-central/"
   },
   "author": "Mike Ratcliffe",
   "main": "lib/index.js",
   "dependencies": {
     "escope": "^3.6.0",
+    "eslint-plugin-no-unsanitized": "^2.0.1",
     "espree": "^3.4.0",
     "estraverse": "^4.2.0",
     "globals": "^9.14.0",
     "ini-parser": "^0.0.2",
     "sax": "^1.2.2"
   },
   "devDependencies": {
     "mocha": "3.2.0"