Skip to content

Commit 93a3078

Browse files
pradeebanpradeeban
authored
Merge pull request #331 from avinxshKD/fix/xss-eval-validator
fix: replace eval() with new Function() in setEdgeNodeValidator to pr…
2 parents e336650 + 7c9a0f8 commit 93a3078

1 file changed

Lines changed: 4 additions & 4 deletions

File tree

src/graph-builder/graph-core/3-component.js

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -234,10 +234,10 @@ class GraphComponent extends GraphCanvas {
234234
}
235235

236236
setEdgeNodeValidator({ nodeValidator, edgeValidator }) {
237-
// eslint-disable-next-line no-eval
238-
this.nodeValidator = eval(nodeValidator);
239-
// eslint-disable-next-line no-eval
240-
this.edgeValidator = eval(edgeValidator);
237+
// eslint-disable-next-line no-new-func
238+
this.nodeValidator = new Function(`return ${nodeValidator}`)();
239+
// eslint-disable-next-line no-new-func
240+
this.edgeValidator = new Function(`return ${edgeValidator}`)();
241241
}
242242

243243
getNodesEdges() {

0 commit comments

Comments
 (0)