Beispiel #1
0
def insertAdjacentHTML(args, traverser, node, wrapper):
    """
    Perfrom the same tests on content inserted into the DOM via
    insertAdjacentHTML as we otherwise would for content inserted via the
    various innerHTML/outerHTML properties.
    """
    if not args or len(args) < 2:
        return

    content = traverser._traverse_node(args[1])
    _set_HTML_property('insertAdjacentHTML', content, traverser)
Beispiel #2
0
def insertAdjacentHTML(args, traverser, node, wrapper):
    """
    Perfrom the same tests on content inserted into the DOM via
    insertAdjacentHTML as we otherwise would for content inserted via the
    various innerHTML/outerHTML properties.
    """
    if not args or len(args) < 2:
        return

    content = traverser._traverse_node(args[1])
    _set_HTML_property("insertAdjacentHTML", content, traverser)
Beispiel #3
0
 def on_write(wrapper, arguments, traverser):
     traverser.err.warning(
         err_id=('js', 'document.write', 'evil'),
         warning='Use of `document.write` strongly discouraged.',
         description=('`document.write` will fail in many circumstances ',
                      'when used in extensions, and has potentially severe '
                      'security repercussions when used improperly. '
                      'Therefore, it should not be used. See %s for more '
                      'information.' % DOC_WRITE_MSG),
         filename=traverser.filename,
         line=traverser.line,
         column=traverser.position,
         context=traverser.context)
     if not arguments:
         return
     value = traverser._traverse_node(arguments[0])
     _set_HTML_property('document.write()', value, traverser)
Beispiel #4
0
 def on_write(wrapper, arguments, traverser):
     traverser.err.warning(
         err_id=('js', 'document.write', 'evil'),
         warning='Use of `document.write` strongly discouraged.',
         description=('`document.write` will fail in many circumstances ',
                      'when used in extensions, and has potentially severe '
                      'security repercussions when used improperly. '
                      'Therefore, it should not be used. See %s for more '
                      'information.' % DOC_WRITE_MSG),
         filename=traverser.filename,
         line=traverser.line,
         column=traverser.position,
         context=traverser.context)
     if not arguments:
         return
     value = traverser._traverse_node(arguments[0])
     _set_HTML_property('document.write()', value, traverser)
Beispiel #5
0
 def on_write(wrapper, arguments, traverser):
     traverser.err.warning(
         err_id=("js", "document.write", "evil"),
         warning="Use of `document.write` strongly discouraged.",
         description=(
             "`document.write` will fail in many circumstances ",
             "when used in extensions, and has potentially severe "
             "security repercussions when used improperly. "
             "Therefore, it should not be used. See %s for more "
             "information." % DOC_WRITE_MSG,
         ),
         filename=traverser.filename,
         line=traverser.line,
         column=traverser.position,
         context=traverser.context,
     )
     if not arguments:
         return
     value = traverser._traverse_node(arguments[0])
     _set_HTML_property("document.write()", value, traverser)
Beispiel #6
0
 def on_write(wrapper, arguments, traverser):
     if not arguments:
         return
     value = traverser._traverse_node(arguments[0])
     _set_HTML_property("document.write()", value, traverser)