diff --git a/packages/auth/src/platform_browser/index.ts b/packages/auth/src/platform_browser/index.ts index 872cd442767..fe06490c95c 100644 --- a/packages/auth/src/platform_browser/index.ts +++ b/packages/auth/src/platform_browser/index.ts @@ -126,7 +126,7 @@ _setExternalJSProvider({ const el = document.createElement('script'); // FIXME: Do not use setAttribute, since it can lead to XSS. Instead, use the safevalues library to // safely set an attribute for a sanitized trustedResourceUrl. Since the trustedResourceUrl - // must be initialized from a template string literal, this could involve some heavy + // must be initialized from a template string literal, this could involve some heavy // refactoring. el.setAttribute('src', url); el.onload = resolve; diff --git a/packages/auth/src/platform_browser/load_js.test.ts b/packages/auth/src/platform_browser/load_js.test.ts index d7535b8eb82..eef9e913d99 100644 --- a/packages/auth/src/platform_browser/load_js.test.ts +++ b/packages/auth/src/platform_browser/load_js.test.ts @@ -44,7 +44,7 @@ describe('platform-browser/load_js', () => { loadJS(url: string): Promise { return new Promise((resolve, reject) => { const el = document.createElement('script'); - // FIXME: Do not use setAttribute, as this can lead to XSS. Instead, use the safevalues + // FIXME: Do not use setAttribute, as this can lead to XSS. Instead, use the safevalues // library, or get an exception for tests. el.setAttribute('src', url); el.onload = resolve; @@ -67,7 +67,7 @@ describe('platform-browser/load_js', () => { // eslint-disable-next-line @typescript-eslint/no-floating-promises _loadJS('http://localhost/url'); - // FIXME: Do not use setAttribute, as this can lead to XSS. Instead, use the safevalues + // FIXME: Do not use setAttribute, as this can lead to XSS. Instead, use the safevalues // library, or get an exception for tests. expect(el.setAttribute).to.have.been.calledWith( 'src',