张翔
64165c4499
Phase 6: Security Optimizations - Install DOMPurify for XSS protection - Create sanitize utilities (HTML, input, URL, escape) - Implement input sanitization in contact form - Add CSRF token generation and validation - Integrate CSRF protection in form submissions Phase 7: Code Quality Optimizations - Enhance TypeScript strict mode configuration - Add noUncheckedIndexedAccess for safer array access - Enable noImplicitReturns and noFallthroughCasesInSwitch - Add noUnusedLocals and noUnusedParameters - Enable exactOptionalPropertyTypes for precise types - Configure comprehensive ESLint rules - Add React security rules (no-unescaped-entities, jsx-no-target-blank) - Add TypeScript best practices rules - Add code quality rules (prefer-const, eqeqeq, curly) Files modified: - package.json: Add DOMPurify dependency - src/lib/sanitize.ts: New sanitization utilities - src/lib/csrf.ts: New CSRF protection utilities - src/components/sections/contact-section.tsx: Security integration - tsconfig.json: Enhanced TypeScript configuration - eslint.config.mjs: Comprehensive ESLint rules Impact: - XSS attack prevention - CSRF attack prevention - Better type safety - Improved code quality - Financial-grade security standards
43 lines
1.4 KiB
JavaScript
43 lines
1.4 KiB
JavaScript
import { defineConfig, globalIgnores } from "eslint/config";
|
|
import nextVitals from "eslint-config-next/core-web-vitals";
|
|
import nextTs from "eslint-config-next/typescript";
|
|
|
|
const eslintConfig = defineConfig([
|
|
...nextVitals,
|
|
...nextTs,
|
|
globalIgnores([
|
|
".next/**",
|
|
"out/**",
|
|
"build/**",
|
|
"next-env.d.ts",
|
|
]),
|
|
{
|
|
rules: {
|
|
"react/no-unescaped-entities": "error",
|
|
"react/jsx-no-target-blank": "error",
|
|
"react/jsx-curly-brace-presence": ["error", { "props": "never", "children": "never" }],
|
|
"react/self-closing-comp": "error",
|
|
"react/jsx-boolean-value": ["error", "never"],
|
|
"@typescript-eslint/no-unused-vars": ["error", {
|
|
"argsIgnorePattern": "^_",
|
|
"varsIgnorePattern": "^_"
|
|
}],
|
|
"@typescript-eslint/explicit-function-return-type": "off",
|
|
"@typescript-eslint/no-explicit-any": "warn",
|
|
"@typescript-eslint/prefer-nullish-coalescing": "error",
|
|
"@typescript-eslint/prefer-optional-chain": "error",
|
|
"@typescript-eslint/no-unnecessary-condition": "warn",
|
|
"no-console": ["warn", { "allow": ["warn", "error"] }],
|
|
"prefer-const": "error",
|
|
"no-var": "error",
|
|
"eqeqeq": ["error", "always"],
|
|
"curly": ["error", "all"],
|
|
"no-throw-literal": "error",
|
|
"no-return-await": "error",
|
|
"prefer-promise-reject-errors": "error",
|
|
},
|
|
},
|
|
]);
|
|
|
|
export default eslintConfig;
|