Struct rslint_core::groups::errors::NoPrototypeBuiltins [−][src]
pub struct NoPrototypeBuiltins {}
Expand description
Disallow direct use of Object.prototype
builtins directly.
ES 5.1 added Object.create
which allows creation of object with a custom prototype. This
pattern is frequently used for objects used as Maps. However this pattern can lead to errors
if something else relies on prototype properties/methods.
Moreover, the methods could be shadowed, this can lead to random bugs and denial of service
vulnerabilities. For example, calling hasOwnProperty
directly on parsed json could lead to vulnerabilities.
Instead, you should use get the method directly from the object using Object.prototype.prop.call(item, args)
.
Invalid Code Examples
var bar = foo.hasOwnProperty("bar");
var bar = foo.isPrototypeOf(bar);
var bar = foo.propertyIsEnumerable("bar");
Correct Code Examples
var bar = Object.prototype.hasOwnProperty.call(foo, "bar");
var bar = Object.prototype.isPrototypeOf.call(foo, bar);
var bar = Object.propertyIsEnumerable.call(foo, "bar");
Implementations
Trait Implementations
Check an individual node in the syntax tree.
You can use the match_ast
macro to make matching a node to an ast node easier.
The reason this uses nodes and not a visitor is because nodes are more flexible,
converting them to an AST node has zero cost and you can easily traverse surrounding nodes.
Defaults to doing nothing. Read more
Check an individual token in the syntax tree. Defaults to doing nothing. Read more
Check the root of the tree one time.
This method is guaranteed to only be called once.
The root’s kind will be either SCRIPT
or MODULE
.
Defaults to doing nothing. Read more
Returns the “default value” for a type. Read more
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
A list of tags present on this rule. Empty by default.
Whether this rule is recommended, this is a simple helper around Self::tags
.
Auto Trait Implementations
impl RefUnwindSafe for NoPrototypeBuiltins
impl Send for NoPrototypeBuiltins
impl Sync for NoPrototypeBuiltins
impl Unpin for NoPrototypeBuiltins
impl UnwindSafe for NoPrototypeBuiltins
Blanket Implementations
Mutably borrows from an owned value. Read more
Whether this implementor has acknowledged the 1.1.0 update to
unerase
’s documented implementation requirements. Read more