How to resolve eslint "Generic Object Injection Sink" error?

Question

I'm trying to read a JSON array. Every time i try to read the array/value by passing JSON object key like this-

json[key]

It shows a Eslint error-

[eslint] Generic Object Injection Sink (security/detect-object-injection)

I understand its a security warning because the key may not exists. But how do i resolve this warning? Is there any easier way to read the Json object. My plan is to pass the "key" to the function and read the json based on the key.

Answer 1

You are searching for an ES lint error fix:

Here is the syntax for it

json [`${key}`]

Example:

const obj = { 
    eventName: 'Music event', 
    landingPic: 'landing.jpg',
    eventPic0: 'pic0.jpg',
    eventPic1: 'pic1.jpg',
    eventPic2: 'pic2.jpg',
    eventPic3: 'pic3.jpg',
    artist: 'Elie'
};

// array of keys which need to  be read
const arrayOfKey = ['landingPic', 'eventPic0', 'eventPic1',  'eventPic2',  'eventPic3'];

// let's read the value by a key in array
arrayOfKey.forEach( key => {
    const value = obj[`${key}`];
    console.log(value);
});

Answer 2

Unsure why, but typecasting the access parameter silences the error. Guessing this has something to do with sanitation being able to prevent pollution.

const myThing = myObj[String(key)]
const myThing = myObj[key as string]