no-danger
Last updated: Jan 16, 2025
Prevent the use of dangerouslySetInnerHTML
which can lead to XSS
vulnerabilities if used incorrectly.
Invalid:
const hello = <div dangerouslySetInnerHTML={{ __html: "Hello World!" }} />;
Valid:
const hello = <div>Hello World!</div>;