本文整理汇总了TypeScript中eslint.RuleTester.run方法的典型用法代码示例。如果您正苦于以下问题:TypeScript RuleTester.run方法的具体用法?TypeScript RuleTester.run怎么用?TypeScript RuleTester.run使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类eslint.RuleTester
的用法示例。
在下文中一共展示了RuleTester.run方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的TypeScript代码示例。
示例1: foo
ruleTester.run("Dynamically executing code is security-sensitive", rule, {
valid: [
{
code: `foo(x)`,
},
{
code: `function foo(x){}\n foo(x);`,
},
{
code: `eval()`,
},
{
code: `eval(42)`,
},
{
code: `eval("Hello")`,
},
{
code: `eval(\`Hello\`)`,
},
{
code: `Function()`,
},
{
code: `new Function(42)`,
},
{
code: `new Function('a', 42)`,
},
{
code: `Function(42, 'x')`,
},
{
code: `Function("Hello")`,
},
{
code: `Function(\`Hello\`)`,
},
],
invalid: [
{
code: `eval(x);`,
errors: [
{
message: "Make sure that this dynamic injection or execution of code is safe.",
line: 1,
endLine: 1,
column: 1,
endColumn: 5,
},
],
},
{
code: `eval(\`Hello \${x}\`)`,
errors: 1,
},
{
code: `Function(x)`,
errors: 1,
},
{
code: `new Function(x)`,
errors: 1,
},
{
code: `eval(42, x)`,
errors: 1,
},
{
code: `eval(x, 42)`,
errors: 1,
},
{
code: `new Function(a, x)`,
errors: 1,
},
{
code: `new Function('a', x)`,
errors: 1,
},
],
});
示例2: digest
ruleTester.run("Hashing data is security-sensitive: client side", rule, {
valid: [
{
// no call
code: `crypto.subtle.digest`,
},
{
// not "digest"
code: `crypto.subtle.encrypt()`,
},
{
// no "crypto.subtle"
code: `foo.digest()`,
},
],
invalid: [
{
code: `crypto.subtle.digest("SHA-256", buffer);`,
errors: [
{
message: "Make sure that hashing data is safe here.",
line: 1,
endLine: 1,
column: 1,
endColumn: 21,
},
],
},
{
code: `let subtle = crypto.subtle; subtle.digest();`,
errors: 1,
},
{
code: `let digest = crypto.subtle.digest; digest();`,
errors: 1,
},
{
code: `let subtle = window.crypto.subtle; subtle.digest();`,
errors: 1,
},
],
});
示例3: createHtmlRequestObject
ruleTester.run("Sending HTTP requests is security-sensitive: client side", rule, {
valid: [
// no call to XMLHttpRequest constructor
{
code: `xmlhttp.open("GET", url, false);`,
},
{
code: `myFetch()`,
},
],
invalid: [
{
code: `window.fetch(url);`,
errors: [
{
message: "Make sure that this HTTP request is sent safely.",
line: 1,
endLine: 1,
column: 1,
endColumn: 13,
},
],
},
{
code: `fetch(url);`,
errors: 1,
},
{
code: `
var xmlhttp = new XMLHttpRequest();
xmlhttp.open("GET", url, false);
`,
errors: 1,
},
{
code: `
var xmlhttp = createHtmlRequestObject();
xmlhttp.open("GET", url, false);
function createHtmlRequestObject() {
return new XMLHttpRequest();
}
`,
errors: 1,
},
{
code: `
var xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
xmlhttp.open("GET", url, false);
`,
errors: 1,
},
{
code: `
var xdr = new XDomainRequest();
xdr.open("GET", url);
`,
errors: 1,
},
{
code: `
$.ajax({ url: url });
$.get(url, function(data) {});
jQuery.post(url, data => {});
`,
errors: 3,
},
],
});
示例4:
ruleTester.run("Using regular expressions is security-sensitive", rule, {
valid: [
{
code: `str.replace("foo", str); str.replace('foo', str);`,
},
{
code: `let regex = /ab+c/; `,
},
{
code: `str.split();`,
},
{
code: `foo.test();`,
},
{
code: `foo.test(p1, p2);`,
},
{
code: `/abc/.test(p1);`,
},
{
code: `/abc/g.test(p1);`,
},
{
code: `/./.test(p1);`,
},
{
code: `/^\\w$/.test(p1);`,
},
{
code: `str.replace(/abc/, str);`,
},
{
code: `import * as cp from "child_process"; cp.exec(str);`,
},
],
invalid: [
{
code: `str.replace(regex, str);`,
errors: [
{
message: "Make sure that using a regular expression is safe here.",
line: 1,
endLine: 1,
column: 13,
endColumn: 18,
},
],
},
{
code: `regex.test(str);`,
errors: [
{
message: "Make sure that using a regular expression is safe here.",
line: 1,
endLine: 1,
column: 1,
endColumn: 6,
},
],
},
{
code: `str.replace(/ab+c/, str);`,
errors: 1,
},
{
code: `str.replace(/[a-d]/, str);`,
errors: 1,
},
{
code: `regex.exec(str);`,
errors: 1,
},
{
code: `import * as regex from "foo"; regex.exec(str);`,
errors: 1,
},
{
code: `foo.test("str");`,
errors: 1,
},
],
});
示例5: require
ruleTester.run("Handling files is security-sensitive", rule, {
valid: [
{
code: `
const fs = require('fs');
fs.createWriteStream('foo.txt');
`,
},
{
code: `
const fs = require('myFs');
fs.createWriteStream(userInput + ".txt");
`,
},
{
code: `
import { rename } from 'fs'
rename("foo.txt", "bar.txt")
`,
},
{
code: `
const fs = require('fs');
fs[getFunctionName()]('foo.txt');
`,
},
],
invalid: [
{
code: `
const fs = require('fs');
fs.createWriteStream(userInput + ".txt");
`,
errors: [
{
message: "Make sure this file handling is safe here.",
line: 3,
endLine: 3,
column: 9,
endColumn: 29,
},
],
},
{
code: `
const fs = require('fs');
fs.openSync(userInput + ".txt", "r");`,
errors: 1,
},
{
code: `
import { openSync } from 'fs'
openSync(userInput + ".txt", "r");
`,
errors: 1,
},
{
code: `
import { rename } from 'fs'
rename("foo.txt", userInput + ".txt");
`,
errors: 1,
},
],
});
示例6: exec
ruleTester.run("Executing OS commands is security-sensitive", rule, {
valid: [
{
code: `
const cp = require('child_process');
cp.fork('child.js');
`,
},
{
code: `
import { fork } from 'child_process';
fork('child.js');`,
},
{
code: `
const cp = require('child_process');
cp.exec('echo child_process.exec hardcoded >> output.txt');`,
},
{
code: `
const cp = require('child_process');
cp.spawn('echo child_process.exec hardcoded >> output.txt', { shell: true });`,
},
{
code: `
const cp = require('child_process');
cp.spawn('echo child_process.spawn ' + userinput + ' >> output.txt', { shell: false });`,
},
{
code: `
const cp = require('child_process');
cp.spawn('echo child_process.spawn ' + userinput + ' >> output.txt');`,
},
{
code: `
const exec = require('child_process').fork;
exec('echo child_process.exec ' + process.argv[2] + ' >> output.txt');`,
},
],
invalid: [
{
code: `
const cp = require('child_process');
cp.exec('echo child_process.exec ' + userInput + ' >> output.txt');
`,
errors: [
{
message: "Make sure that executing this OS command is safe here.",
line: 3,
endLine: 3,
column: 12,
endColumn: 16,
},
],
},
{
code: `
import * as cp from 'child_process';
cp.exec('echo child_process.exec ' + process.argv[2] + ' >> output.txt');`,
errors: 1,
},
{
code: `
import { exec } from 'child_process';
exec('echo child_process.exec ' + process.argv[2] + ' >> output.txt');`,
errors: 1,
},
{
code: `
import * as cp from 'child_process';
cp.spawn('echo child_process.exec ' + process.argv[2] + ' >> output.txt', { shell: true });`,
errors: 1,
},
{
code: `
import * as cp from 'child_process';
cp.exec('echo child_process.exec ' + process.argv[2] + ' >> output.txt', { env: "" });`,
errors: 1,
},
{
code: `
const exec = require('child_process').exec;
exec('echo child_process.exec ' + process.argv[2] + ' >> output.txt');`,
errors: 1,
},
{
code: `
var execSync = require('child_process').execSync
function exec(command) {
execSync(command, { stdio: [0, 1, 2] })
}
`,
errors: 1,
},
],
});
示例7: require
ruleTester.run("Executing SQL queries is security-sensitive", rule, {
valid: [
{
code: `
const mysql = require('mysql');
conn.query(sql, [userInput], (err, res) => {});
`,
},
{
code: `
const pg = require('pg');
conn.query(sql, [userInput], (err, res) => {});
`,
},
{
code: `
const pg = require('pg');
conn.query("SELECT * FROM FOO", (err, res) => {});
`,
},
{
code: `
import { query } from 'myDB';
query("SELECT * FROM users WHERE id = ' + userId", (err, res) => {});
`,
},
{
code: `
const pg = require('pg');
pg.query();
`,
},
// FN, userId is not escaped
{
code: `
const mysql = require('mysql');
conn.query("SELECT * FROM users WHERE id = ' + userId", [userInput], (err, res) => {});
`,
},
],
invalid: [
{
code: `
const mysql = require('mysql');
conn.query(sql, (err, res) => {});`,
errors: [
{
message: "Make sure that executing SQL queries is safe here.",
line: 3,
endLine: 3,
column: 7,
endColumn: 17,
},
],
},
{
code: `
import { query } from 'pg';
conn.query('SELECT * FROM users WHERE id = ' + userId, (err, res => {}));
`,
errors: 1,
},
{
code: `
import { query } from 'mysql2';
conn.query('SELECT * FROM users WHERE id = ' + userId, (err, res => {}));
`,
errors: 1,
},
// FP, parameters are escaped
{
code: `
const mysql = require('mysql');
conn.query('SELECT * FROM users WHERE id = ' + connection.escape(userId), (err, res => {}));
`,
errors: 1,
},
],
});
示例8:
ruleTester.run("Using command line arguments is security-sensitive", rule, {
valid: [
{
code: `foo.bar`,
},
{
code: `process.argvFoo`,
},
{
code: `processFoo.argv`,
},
{
code: `'process.argv'`,
},
],
invalid: [
{
code: `let x = process.argv;`,
errors: [
{
message: "Make sure that command line arguments are used safely here.",
line: 1,
endLine: 1,
column: 9,
endColumn: 21,
},
],
},
{
code: `\`argument 0: \${process.argv[0]}\``,
errors: 1,
},
],
});
示例9: foo
ruleTester.run("Using cookies is security-sensitive", rule, {
valid: [
{
code: `document.foo`,
},
{
code: `foo.cookie`,
},
{
code: `response.setHeader()`,
},
{
code: `response.setHeader('Content-Type', 'text/plain')`,
},
{
code: `response.foo('Set-Cookie', x)`,
},
{
code: `response.setHeader(SetCookie, x)`,
},
{
code: `res.cookie("foo", "bar");`,
},
{
code: `foo(req.cookies);`,
},
],
invalid: [
{
code: `let x = document.cookie;`,
errors: [
{
message: "Make sure that this cookie is used safely.",
line: 1,
endLine: 1,
column: 9,
endColumn: 24,
},
],
},
{
code: `document.cookie = 42;`,
errors: 1,
},
{
code: `response.setHeader('Set-Cookie', x);`,
errors: 1,
},
{
code: `'express'; res.cookie("foo", "bar");`,
errors: 1,
},
{
code: `'express'; foo(req.cookies);`,
errors: 1,
},
],
});
示例10: listen
ruleTester.run("Exposing HTTP endpoints is security-sensitive", rule, {
valid: [
{
code: `import * as express from 'foo'; app.listen(3000);`,
},
{
code: `import * as express from 'foo'; listen(3000);`,
},
{
code: `import * as exp from 'express'; app.use(foo);`,
},
{
code: `import * as express from 'express'; app.listen;`,
},
{
code: `foo('express'); app.listen(3000);`,
},
{
code: `require('express'); app.use(3000);`,
},
],
invalid: [
{
code: `import { foo } from "http"; bar.listen(3000);`,
errors: [
{
message: "Make sure that exposing this HTTP endpoint is safe here.",
line: 1,
endLine: 1,
column: 33,
endColumn: 39,
},
],
},
{
code: `
import { createServer } from "http";
createServer((req, res => {
log();
handle(req,res);
})).listen(3000);
// ^^^^^^`,
errors: [
{
message: "Make sure that exposing this HTTP endpoint is safe here.",
line: 6,
endLine: 6,
column: 11,
endColumn: 17,
},
],
},
{
code: `require('express'); app.listen(3000);`,
errors: 1,
},
{
code: `require('https'); server.listen(3000);`,
errors: 1,
},
{
code: `import * as exp from 'express'; app.listen(3000);`,
errors: 1,
},
],
});