Acasă Explorează Ajutor
Înregistrare Autentificare
z16
/
vscode-extension--copy-words-to-clipboard
1
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Ramură: master
Ramuri Etichete
vscode-extensio...
/
hover-words-to-copy
/
node_modules
/
eslint
/
lib
/
rules
/
no-script-url.js

no-script-url.js 1.5 KB
Permalink Istoric Crud

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. /**
    2. 

  2.  * @fileoverview Rule to disallow `javascript:` URLs
    3. 

  3.  * @author Ilya Volodin
    4. 

  4.  */
    5. 

  5. /* eslint no-script-url: 0 -- Code is checking to report such URLs */
    6. 

  6. 

  7. "use strict";
    8. 

  8. 

  9. const astUtils = require("./utils/ast-utils");
    10. 

  10. 

  11. //------------------------------------------------------------------------------
    12. 

  12. // Rule Definition
    13. 

  13. //------------------------------------------------------------------------------
    14. 

  14. 

  15. /** @type {import('../types').Rule.RuleModule} */
    16. 

  16. module.exports = {
    17. 

  17. 	meta: {
    18. 

  18. 		type: "suggestion",
    19. 

  19. 

  20. 		docs: {
    21. 

  21. 			description: "Disallow `javascript:` URLs",
    22. 

  22. 			recommended: false,
    23. 

  23. 			url: "https://eslint.org/docs/latest/rules/no-script-url",
    24. 

  24. 		},
    25. 

  25. 

  26. 		schema: [],
    27. 

  27. 

  28. 		messages: {
    29. 

  29. 			unexpectedScriptURL: "Script URL is a form of eval.",
    30. 

  30. 		},
    31. 

  31. 	},
    32. 

  32. 

  33. 	create(context) {
    34. 

  34. 		/**
    35. 

  35. 		 * Check whether a node's static value starts with `javascript:` or not.
    36. 

  36. 		 * And report an error for unexpected script URL.
    37. 

  37. 		 * @param {ASTNode} node node to check
    38. 

  38. 		 * @returns {void}
    39. 

  39. 		 */
    40. 

  40. 		function check(node) {
    41. 

  41. 			const value = astUtils.getStaticStringValue(node);
    42. 

  42. 

  43. 			if (
    44. 

  44. 				typeof value === "string" &&
    45. 

  45. 				value.toLowerCase().indexOf("javascript:") === 0
    46. 

  46. 			) {
    47. 

  47. 				context.report({ node, messageId: "unexpectedScriptURL" });
    48. 

  48. 			}
    49. 

  49. 		}
    50. 

  50. 		return {
    51. 

  51. 			Literal(node) {
    52. 

  52. 				if (node.value && typeof node.value === "string") {
    53. 

  53. 					check(node);
    54. 

  54. 				}
    55. 

  55. 			},
    56. 

  56. 			TemplateLiteral(node) {
    57. 

  57. 				if (
    58. 

  58. 					!(
    59. 

  59. 						node.parent &&
    60. 

  60. 						node.parent.type === "TaggedTemplateExpression"
    61. 

  61. 					)
    62. 

  62. 				) {
    63. 

  63. 					check(node);
    64. 

  64. 				}
    65. 

  65. 			},
    66. 

  66. 		};
    67. 

  67. 	},
    68. 

  68. };
    69.