Details

    • Type: Language-Specification
    • Status: Active
    • Resolution: Unresolved
    • Labels:
    • Impact:
      Unknown 'null' severity
    • Likelihood:
      Unknown 'null' severity
    • Default Quality Profiles:
      Sonar way, Sonar way recommended

      Description

      Sensitive Code Example

      The debugger statement should be removed in production:

      for (var i = 1; i < 5; i++) {
        // Print i to the Output window.
        Debug.write("loop index is " + i);
        // Wait for user to resume.
        debugger; // Sensitive
      }
      

      Calls to alert(), confirm() and prompt() should be removed in production:

      if (unexpectedCondition) {
        alert("Unexpected Condition");  // Sensitive
      }
      

      The errorhandler Express.js middleware should not be used in production:

      var connect = require('connect');
      var errorhandler = require('errorhandler');
      
      var app = connect();
      app.use(errorhandler()); // Sensitive
      

      Compliant Solution

      The errorhandler Express.js middleware is used only in development mode:

      var connect = require('connect');
      var errorhandler = require('errorhandler');
      
      var app = connect();
      
      if (process.env.NODE_ENV === 'development') {  // Compliant
        app.use(errorhandler());  // Compliant
      }  
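
A production counterpart to the compliant solution above, as an added example that is not part of the original rule text: a Connect/Express-style error middleware that logs the stack trace server-side and returns only a generic message and a correlation id. The names safeErrorHandler and simulate are hypothetical, and the sample error is constructed.

```javascript
// Added example. Node.js core modules only; function names are hypothetical.
const crypto = require('crypto');
const http = require('http');

// Connect/Express-style error middleware (4-argument signature).
// Verbose output is opt-in: an unset or unknown NODE_ENV is treated as production.
function safeErrorHandler(options = {}) {
  const env = options.env || process.env.NODE_ENV || 'production';
  const log = options.log || console.error;
  const verbose = env === 'development';

  return function (err, req, res, next) {
    // The correlation id ties the client response to the server-side log
    // entry, so the stack trace never has to leave the server.
    const id = crypto.randomBytes(8).toString('hex');
    log({ id, url: req.url, stack: err && err.stack });

    // Accept only a known 4xx/5xx status carried on the error; otherwise 500.
    const s = err && err.status;
    const status = s >= 400 && s < 600 && http.STATUS_CODES[s] ? s : 500;
    const body = { id, message: http.STATUS_CODES[status] };
    if (verbose) {
      body.detail = String(err && err.message);
      body.stack = String(err && err.stack);
    }

    res.statusCode = status;
    res.setHeader('Content-Type', 'application/json');
    res.end(JSON.stringify(body));
  };
}

// Constructed request/response stubs so the block runs without a server.
function simulate(env) {
  const logged = [];
  const res = {
    headers: {},
    setHeader(name, value) { this.headers[name] = value; },
    end(payload) { this.body = payload; },
  };
  const err = new Error('connect ECONNREFUSED db.internal:5432'); // constructed
  const handler = safeErrorHandler({ env, log: (entry) => logged.push(entry) });
  handler(err, { url: '/orders' }, res, () => {});
  return { status: res.statusCode, body: JSON.parse(res.body), logged };
}

console.log(simulate('production').body); // generic message plus id only
```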
      

            People

            • Assignee:
              lars.svensson Lars Svensson (Inactive)
              Reporter:
              lars.svensson Lars Svensson (Inactive)