64 lines
1.6 KiB
JavaScript
64 lines
1.6 KiB
JavaScript
/**
|
|
* @fileoverview Rule to disallow `javascript:` URLs
|
|
* @author Ilya Volodin
|
|
*/
|
|
/* eslint no-script-url: 0 -- Code is checking to report such URLs */
|
|
|
|
'use strict';
|
|
|
|
const astUtils = require('./utils/ast-utils');
|
|
|
|
//------------------------------------------------------------------------------
|
|
// Rule Definition
|
|
//------------------------------------------------------------------------------
|
|
|
|
/** @type {import('../types').Rule.RuleModule} */
|
|
module.exports = {
|
|
meta: {
|
|
type: 'suggestion',
|
|
|
|
docs: {
|
|
description: 'Disallow `javascript:` URLs',
|
|
recommended: false,
|
|
url: 'https://eslint.org/docs/latest/rules/no-script-url',
|
|
},
|
|
|
|
schema: [],
|
|
|
|
messages: {
|
|
unexpectedScriptURL: 'Script URL is a form of eval.',
|
|
},
|
|
},
|
|
|
|
create(context) {
|
|
/**
|
|
* Check whether a node's static value starts with `javascript:` or not.
|
|
* And report an error for unexpected script URL.
|
|
* @param {ASTNode} node node to check
|
|
* @returns {void}
|
|
*/
|
|
function check(node) {
|
|
const value = astUtils.getStaticStringValue(node);
|
|
|
|
if (
|
|
typeof value === 'string' &&
|
|
value.toLowerCase().indexOf('javascript:') === 0
|
|
) {
|
|
context.report({ node, messageId: 'unexpectedScriptURL' });
|
|
}
|
|
}
|
|
return {
|
|
Literal(node) {
|
|
if (node.value && typeof node.value === 'string') {
|
|
check(node);
|
|
}
|
|
},
|
|
TemplateLiteral(node) {
|
|
if (!(node.parent && node.parent.type === 'TaggedTemplateExpression')) {
|
|
check(node);
|
|
}
|
|
},
|
|
};
|
|
},
|
|
};
|