Avoid using console in code that runs on browser
Closed this issue · 0 comments
Usually, console methods are only used for debugging, and can leak internal info to the client. Removing the console call will fix this issue.
BAD PRACTICE
if (!secure(data)) {
console.log("data is not secure", data) // data
is visible to the client
}
console.table(tableObj)
RECOMMENDED
if (!secure(data)) {
// alter the DOM to inform the user that data
is insecure.
}
console.table(tableObj) // skipcq: JS-0002 Easter egg. Users are meant
Avoid using console in code that runs on the browser
examples/localLpToken.ts
}
);
console.log(
`${PURPLE}The following call data that is returned:\n${GREEN}${JSON.stringify(
callInfo,
null,
4
)}`
);
} catch (e) {
console.error(e);
throw Error(e as string);
Avoid using console in code that runs on the browser
examples/localLpToken.ts
}
const decoded = assetApi.decodeExtrinsic(callInfo.tx, 'call');
console.log(
`\n${PURPLE}The following decoded tx:\n${GREEN} ${JSON.stringify(
JSON.parse(decoded),
null,
4
)}${RESET}`
);
};
main().finally(() => process.exit());
Avoid using console in code that runs on the browser
examples/paraToSystemParachainPrimaryNative.ts
}
);
console.log(
`${PURPLE}The following call data that is returned:\n${GREEN}${JSON.stringify(
callInfo,
null,
4
)}`
);
} catch (e) {
console.error(e);
throw Error(e as string);
Avoid using console in code that runs on the browser
examples/paraToSystemParachainPrimaryNative.ts
}
const decoded = assetApi.decodeExtrinsic(callInfo.tx, 'call');
console.log(
`\n${PURPLE}The following decoded tx:\n${GREEN} ${JSON.stringify(
JSON.parse(decoded),
null,
4
)}${RESET}`
);
};
main().finally(() => process.exit());
Avoid using console in code that runs on the browser
examples/paraToSystemTransferMultiAsset.ts
}
);
console.log(
`${PURPLE}The following call data that is returned:\n${GREEN}${JSON.stringify(
callInfo,
null,
4
)}`
);
} catch (e) {
console.error(e);
throw Error(e as string);
1
2
3
4
7