Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / devtools / devtools-frontend / 16aca394c562f9e685778f6a8269931a1183f13b / . / node_modules / eslint / lib / rules / no-script-url.js
blob: 0c82052440372f7c8890dd3ae891929ff1a2df08 [file] [log] [blame]
Yang Guo4fd355c2019-09-19 10:59:03 +0200[diff] [blame]1/**
2 * @fileoverview Rule to flag when using javascript: urls
3 * @author Ilya Volodin
4 */
5/* jshint scripturl: true */
6/* eslint no-script-url: 0 */
7
8"use strict";
9
Tim van der Lippe16aca392020-11-13 11:37:13 +0000[diff] [blame^]10const astUtils = require("./utils/ast-utils");
11
Yang Guo4fd355c2019-09-19 10:59:03 +0200[diff] [blame]12//------------------------------------------------------------------------------
13// Rule Definition
14//------------------------------------------------------------------------------
15
16module.exports = {
17 meta: {
18 type: "suggestion",
19
20 docs: {
21 description: "disallow `javascript:` urls",
22 category: "Best Practices",
23 recommended: false,
24 url: "https://eslint.org/docs/rules/no-script-url"
25 },
26
Tim van der Lippe16aca392020-11-13 11:37:13 +0000[diff] [blame^]27 schema: [],
28
29 messages: {
30 unexpectedScriptURL: "Script URL is a form of eval."
31 }
Yang Guo4fd355c2019-09-19 10:59:03 +0200[diff] [blame]32 },
33
34 create(context) {
35
Tim van der Lippe16aca392020-11-13 11:37:13 +0000[diff] [blame^]36 /**
37 * Check whether a node's static value starts with "javascript:" or not.
38 * And report an error for unexpected script URL.
39 * @param {ASTNode} node node to check
40 * @returns {void}
41 */
42 function check(node) {
43 const value = astUtils.getStaticStringValue(node);
Yang Guo4fd355c2019-09-19 10:59:03 +0200[diff] [blame]44
Tim van der Lippe16aca392020-11-13 11:37:13 +0000[diff] [blame^]45 if (typeof value === "string" && value.toLowerCase().indexOf("javascript:") === 0) {
46 context.report({ node, messageId: "unexpectedScriptURL" });
47 }
48 }
49 return {
Yang Guo4fd355c2019-09-19 10:59:03 +0200[diff] [blame]50 Literal(node) {
51 if (node.value && typeof node.value === "string") {
Tim van der Lippe16aca392020-11-13 11:37:13 +0000[diff] [blame^]52 check(node);
53 }
54 },
55 TemplateLiteral(node) {
56 if (!(node.parent && node.parent.type === "TaggedTemplateExpression")) {
57 check(node);
Yang Guo4fd355c2019-09-19 10:59:03 +0200[diff] [blame]58 }
59 }
60 };
Yang Guo4fd355c2019-09-19 10:59:03 +0200[diff] [blame]61 }
62};