react

typescript.react.security.audit.react-dangerouslysetinnerhtml.react-dangerouslysetinnerhtml

returntocorp

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

typescript.react.security.audit.react-http-leak.react-http-leak

returntocorp

this rule has been deprecated.

typescript.react.security.react-insecure-request.react-insecure-request

returntocorp

Unencrypted request over HTTP detected.

returntocorp

Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

returntocorp

Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

returntocorp

This rule has been deprecated.

Insufficient permissions to view rule definition Upgrade to Semgrep Team tier to see this Pro rule. Visit https://semgrep.dev/pricing to learn how to upgrade.