/**
 * @fileoverview Rule to disallow `javascript:` URLs
 * @author Ilya Volodin
 */
/* eslint no-script-url: 0 -- Code is checking to report such URLs */

'use strict';

const astUtils = require('./utils/ast-utils');

//------------------------------------------------------------------------------
// Rule Definition
//------------------------------------------------------------------------------

/** @type {import('../types').Rule.RuleModule} */
module.exports = {
  meta: {
    type: 'suggestion',

    docs: {
      description: 'Disallow `javascript:` URLs',
      recommended: false,
      url: 'https://eslint.org/docs/latest/rules/no-script-url',
    },

    schema: [],

    messages: {
      unexpectedScriptURL: 'Script URL is a form of eval.',
    },
  },

  create(context) {
    /**
     * Check whether a node's static value starts with `javascript:` or not.
     * And report an error for unexpected script URL.
     * @param {ASTNode} node node to check
     * @returns {void}
     */
    function check(node) {
      const value = astUtils.getStaticStringValue(node);

      if (
        typeof value === 'string' &&
        value.toLowerCase().indexOf('javascript:') === 0
      ) {
        context.report({ node, messageId: 'unexpectedScriptURL' });
      }
    }
    return {
      Literal(node) {
        if (node.value && typeof node.value === 'string') {
          check(node);
        }
      },
      TemplateLiteral(node) {
        if (!(node.parent && node.parent.type === 'TaggedTemplateExpression')) {
          check(node);
        }
      },
    };
  },
};