0

Codacy js test give me an secure errors:

Function Call Object Injection Sink (security/detect-object-injection)

For next code row:

let computedType = window.getComputedStyle(arr[i]).display.toString();

Why can't i use [i] for working with loop and why it is not secure?

Volodymyr Humeniuk
  • 3,411
  • 9
  • 35
  • 70
  • 2
    See https://blog.liftsecurity.io/2015/01/14/the-dangers-of-square-bracket-notation/ – Adam Sep 08 '17 at 00:13
  • [eslint-plugin-security](https://github.com/nodesecurity/eslint-plugin-security): "*This project […] finds a lot of false positives*". – Bergi Sep 08 '17 at 00:17

0 Answers0