SONAR-23249 Fix SSF-656 & SSF-657

author: David Cho-Lerat <david.cho-lerat@sonarsource.com> 2024-10-03 10:09:00 +0200
committer: sonartech <sonartech@sonarsource.com> 2024-10-08 20:02:47 +0000
commit: c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f (patch)
tree: 40b9f0694c1bd3baaee84ade9fa4059b851c7ae2 /server/sonar-web/.eslintrc
parent: 12664adb48e6b95e521b0e05d81f916af2a88bc4 (diff)
download: sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.tar.gz
sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.zip
1 files changed, 22 insertions, 0 deletions
diff --git a/server/sonar-web/.eslintrc b/server/sonar-web/.eslintrc
index 49071ab4dbf..7da42df461d 100644
--- a/server/sonar-web/.eslintrc
+++ b/server/sonar-web/.eslintrc
@@ -35,6 +35,28 @@
       ],
       1
     ],
+    "react/forbid-component-props": [
+      "error",
+      {
+        "forbid": [
+          {
+            "propName": "dangerouslySetInnerHTML",
+            "message": "Use the SafeHTMLInjection component instead of 'dangerouslySetInnerHTML', to prevent CSS injection along other XSS attacks"
+          }
+        ]
+      }
+    ],
+    "react/forbid-dom-props": [
+      "error",
+      {
+        "forbid": [
+          {
+            "propName": "dangerouslySetInnerHTML",
+            "message": "Use the SafeHTMLInjection component instead of 'dangerouslySetInnerHTML', to prevent CSS injection along other XSS attacks"
+          }
+        ]
+      }
+    ],
     "react/forbid-elements": [
       "warn",
       {
author	David Cho-Lerat <david.cho-lerat@sonarsource.com>	2024-10-03 10:09:00 +0200
committer	sonartech <sonartech@sonarsource.com>	2024-10-08 20:02:47 +0000
commit	c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f (patch)
tree	40b9f0694c1bd3baaee84ade9fa4059b851c7ae2 /server/sonar-web/.eslintrc
parent	12664adb48e6b95e521b0e05d81f916af2a88bc4 (diff)
download	sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.tar.gz sonarqube-c9ecf7fa2f9af18f474a2aea2c7c3cefd3a6e80f.zip