Hi Gaia Developers, As most of you are aware, we currently disallow some assignments to innerHTML [1] and we are enforcing this using an eslint rule.
Eslint runs locally but also on Taskcluster, so I didn't want to start off with a red tree. This is why we have a large file of known violations in build/eslint/xfail.list. Of course we all want this list to shrink, so I have been looking into some high-profile apps manually (e.g. the system app [2]) to help improve their track record. I have also generated a (now slightly outdated) HTML version of all known violations at <https://people.mozilla.org/~fbraun/files/eslint_report.html>. As a next step, I could use use the data from this report to file bugs for each and every violation, which would result in about 368 bugs. Is this something Gaia Module owners would appreciate? Would you rather have an innerHTML bug with all violations per module instead of per violation? I am willing to help out with some of the individual bugs, especially for apps with access to sensitive data and a lot of permissions, but before going on to file hundreds of bugs, I'd rather have some input. - Freddy [1] and assignments to outerHTML and calls to insertAdjacentHTML. See <https://developer.mozilla.org/en-US/Firefox_OS/Security/Security_Automation> for more! [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1206661 _______________________________________________ dev-fxos mailing list [email protected] https://lists.mozilla.org/listinfo/dev-fxos
