CPLAT-7608 [3.1.0] Improve handling of “repeat” errors thrown from components wrapped by an ErrorBoundary #353
Merged
rmconsole3-wf merged 8 commits into 3.1.0-wip from Oct 11, 2019
Security Insights
The items listed below may not capture all security relevant changes. Before providing a security review, be sure to review the entire PR for security impact.
(3) Security relevant changes were detected
innerHtml in lib/src/component/error_boundary_mixins.dart line(s) ['258'] added
InnerHtml in lib/src/component/error_boundary_mixins.dart line(s) ['282'] added
dangerouslySetInnerHTML in lib/src/component/error_boundary_mixins.dart line(s) ['283'] added
Action Items
Questions or Comments? Reach out on Slack: #support-infosec.
6bd228b to 53ddc19
aaronlademann-wf commented Oct 3, 2019
| return props.children; | ||
| } | ||
|
|
||
| // TODO: Add PropTypes |
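Review bot: the `// TODO: Add PropTypes` comment that closes this region has no ticket reference, so the missing prop validation it flags can easily be forgotten once the PR merges. Reference a tracking issue in the comment, or add the propTypes in this change.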
Contributor
Author
Not in this PR... I just noticed that validateProps had been removed without having an analogous propTypes replacement.
+ A port of the fix from 3.0.0 (de99fd1)
53ddc19 to ceda402
Member
+1 security
+ and add more test coverage for edge cases involving `dangerouslySetInnerHTML`
# Conflicts:
#   test/over_react/component/fixtures/flawed_component_on_mount.over_react.g.dart
#   test/over_react/component/fixtures/flawed_component_that_renders_a_string.over_react.g.dart
#   test/over_react/component/fixtures/flawed_component_that_renders_nothing.over_react.g.dart
Contributor
joebingham-wk left a comment
Looks great! Just a tiny question.
| }); | ||
| }); | ||
|
|
||
| // group('throws a PropError when', () { |
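Review bot: the `group('throws a PropError when', ...)` block at the end of this region is commented out with no explanation, which silently drops the tests for prop validation errors. Add a comment stating why the group is disabled and what must land before it is re-enabled, or delete it and track the gap in an issue.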
Contributor
Should we add a TODO here to mention that the validate props needs to be added back?
Contributor
+10
Contributor
@Workiva/release-management-p
Member
+1 security refresh
@greglittlefield-wf @kealjones-wk @joebingham-wk @sydneyjodon-wk