ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5696/javascript/rule.adoc

24 lines
698 B
Plaintext
Raw Normal View History

Add rules 5000-5999
2020-06-30 12:50:28 +02:00
include::../description.adoc[]
== Noncompliant Code Example
Add all rules, update all rules fixing the inline code syntax
2020-12-21 15:38:52 +01:00
Example of basic DOM-XSS attack (http://vulnerable/page.html#<img onerror='alert(1); src='invalid-image' />):
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space
2020-06-30 14:49:38 +02:00
Add rules 5000-5999
2020-06-30 12:50:28 +02:00
----
Add all rules, update all rules fixing the inline code syntax
2020-12-21 15:38:52 +01:00
const rootDiv = document.getElementById('root');
const hash = decodeURIComponent(location.hash.substr(1));
rootDiv.innerHTML = hash;
Add rules 5000-5999
2020-06-30 12:50:28 +02:00
----
== Compliant Solution
Add all rules, update all rules fixing the inline code syntax
2020-12-21 15:38:52 +01:00
https://developer.mozilla.org/en-US/docs/Web/API/HTMLElement/innerText[innerText] property of an html element sets or returns the text content of the element (removing all child nodes):
Fix code block ambiguity with old header style Ensure blank line before list and clean the one leading space
2020-06-30 14:49:38 +02:00
Add rules 5000-5999
2020-06-30 12:50:28 +02:00
----
Add all rules, update all rules fixing the inline code syntax
2020-12-21 15:38:52 +01:00
const rootDiv = document.getElementById('root');
const hash = decodeURIComponent(location.hash.substr(1));
rootDiv.innerText = hash;
Add rules 5000-5999
2020-06-30 12:50:28 +02:00
----
include::../see.adoc[]
Reference in New Issue Copy Permalink