1 | /**
|
2 | * @fileoverview Rule to flag when using javascript: urls
|
3 | * @author Ilya Volodin
|
4 | */
|
5 | /*jshint scripturl: true */
|
6 | /*eslint no-script-url: 0*/
|
7 |
|
8 | ;
|
9 |
|
10 | //------------------------------------------------------------------------------
|
11 | // Rule Definition
|
12 | //------------------------------------------------------------------------------
|
13 |
|
14 | module.exports = function(context) {
|
15 |
|
16 | return {
|
17 |
|
18 | "Literal": function(node) {
|
19 |
|
20 | var value;
|
21 |
|
22 | if (node.value && typeof(node.value) === "string") {
|
23 | value = node.value.toLowerCase();
|
24 |
|
25 | if (value.indexOf("javascript:") === 0) {
|
26 | context.report(node, "Script URL is a form of eval.");
|
27 | }
|
28 | }
|
29 | }
|
30 | };
|
31 |
|
32 | };
|