Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Rantanen/eslint-plugin-xss

ESLint plugin for XSS detection
https://github.com/Rantanen/eslint-plugin-xss

Last synced: 3 months ago
JSON representation

ESLint plugin for XSS detection

Host: GitHub
URL: https://github.com/Rantanen/eslint-plugin-xss
Owner: Rantanen
License: other
Created: 2016-04-25T20:08:41.000Z (over 8 years ago)
Default Branch: master
Last Pushed: 2023-08-29T08:51:15.000Z (about 1 year ago)
Last Synced: 2024-06-28T02:04:04.771Z (4 months ago)
Language: JavaScript
Size: 58.6 KB
Stars: 67
Watchers: 2
Forks: 16
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE.md

Awesome Lists containing this project

awesome-eslint - xss - Tries to detect XSS issues in codebase before they end up in production. (Plugins / Security)

README

        # eslint-plugin-xss

[![NPM version](http://img.shields.io/npm/v/eslint-plugin-xss.svg)](https://www.npmjs.com/package/eslint-plugin-xss)

[![Build Status](https://travis-ci.org/Rantanen/eslint-plugin-xss.svg?branch=master)](https://travis-ci.org/Rantanen/eslint-plugin-xss)

[![Codecov](https://codecov.io/gh/Rantanen/eslint-plugin-xss/branch/master/graph/badge.svg)](https://codecov.io/gh/Rantanen/eslint-plugin-xss)

[![Codacy](https://api.codacy.com/project/badge/grade/13e5c7abeb4545359ca9b02c0e91bb72)](https://www.codacy.com/app/jubjub/eslint-plugin-xss)

Tries to detect XSS issues in codebase before they end up in production.

## Installation

You'll first need to install [ESLint](http://eslint.org):

```

$ npm install eslint --save-dev

```

Next, install `eslint-plugin-xss`:

```

$ npm install eslint-plugin-xss --save-dev

```

**Note:** If you installed ESLint globally (using the `-g` flag) then you must also install `eslint-plugin-xss` globally.

## Usage

Add `xss` to the plugins section of your `.eslintrc` configuration file. You can omit the `eslint-plugin-` prefix:

```json

{

    "plugins": [

        "xss"

    ]

}

```

Then configure the rules you want to use under the rules section.

```json

{

    "rules": {

        "xss/rule-name": 2

    }

}

```

Or:

Enable all rules by adding the following to your `.eslintrc` configuration file

```json

{

    "extends": [

        "plugin:xss/recommended"

    ]

}

```

## Supported Rules

* [xss/no-mixed-html](docs/rules/no-mixed-html.md): Warn about possible XSS issues.

* [xss/no-location-href-assign](docs/rules/no-location-href-assign.md): Warn when trying to modify location.href.