* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
import * as classNames from 'classnames';
+import { sanitize } from 'dompurify';
import * as React from 'react';
import { ResetButtonLink, SubmitButton } from 'sonar-ui-common/components/controls/buttons';
import Modal from 'sonar-ui-common/components/controls/Modal';
)}
<div
className="note"
- // Safe: defined by rule creator (instance admin?)
- dangerouslySetInnerHTML={{ __html: param.htmlDesc || '' }}
+ // eslint-disable-next-line react/no-danger
+ dangerouslySetInnerHTML={{ __html: sanitize(param.htmlDesc || '') }}
/>
</div>
))
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
+import { sanitize } from 'dompurify';
import * as React from 'react';
import { ResetButtonLink, SubmitButton } from 'sonar-ui-common/components/controls/buttons';
import Modal from 'sonar-ui-common/components/controls/Modal';
)}
<div
className="modal-field-description"
- // Safe: defined by rule creator (instance admin?)
- dangerouslySetInnerHTML={{ __html: param.htmlDesc || '' }}
+ // eslint-disable-next-line react/no-danger
+ dangerouslySetInnerHTML={{ __html: sanitize(param.htmlDesc || '') }}
/>
</div>
);
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
+import { sanitize } from 'dompurify';
import * as React from 'react';
import { Button, ResetButtonLink } from 'sonar-ui-common/components/controls/buttons';
import { translate, translateWithParameters } from 'sonar-ui-common/helpers/l10n';
{this.props.ruleDetails.htmlNote !== undefined && (
<div
className="rule-desc spacer-bottom markdown"
- // Safe: defined by rule creator (instance admin?)
- dangerouslySetInnerHTML={{ __html: this.props.ruleDetails.htmlNote }}
+ // eslint-disable-next-line react/no-danger
+ dangerouslySetInnerHTML={{ __html: sanitize(this.props.ruleDetails.htmlNote) }}
/>
)}
{this.props.canWrite && (
{hasDescription ? (
<div
className="coding-rules-detail-description rule-desc markdown"
- // Safe: defined by rule creator (instance admin?)
- dangerouslySetInnerHTML={{ __html: ruleDetails.htmlDesc || '' }}
+ // eslint-disable-next-line react/no-danger
+ dangerouslySetInnerHTML={{ __html: sanitize(ruleDetails.htmlDesc || '') }}
/>
) : (
<div className="coding-rules-detail-description rule-desc markdown">
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
+import { sanitize } from 'dompurify';
import * as React from 'react';
import { translate } from 'sonar-ui-common/helpers/l10n';
<tr className="coding-rules-detail-parameter" key={param.key}>
<td className="coding-rules-detail-parameter-name">{param.key}</td>
<td className="coding-rules-detail-parameter-description">
- <p // Safe: defined by rule creator (instance admin?)
- dangerouslySetInnerHTML={{ __html: param.htmlDesc || '' }}
+ <p
+ // eslint-disable-next-line react/no-danger
+ dangerouslySetInnerHTML={{ __html: sanitize(param.htmlDesc || '') }}
/>
{param.defaultValue !== undefined && (
<div className="note spacer-top">
projects / sonarqube.git / commitdiff