1 | /**
|
2 | * @fileoverview Rule to flag when using javascript: urls
|
3 | * @author Ilya Volodin
|
4 | */
|
5 | /* jshint scripturl: true */
|
6 | /* eslint no-script-url: 0 */
|
7 |
|
8 | ;
|
9 |
|
10 | //------------------------------------------------------------------------------
|
11 | // Rule Definition
|
12 | //------------------------------------------------------------------------------
|
13 |
|
14 | module.exports = {
|
15 | meta: {
|
16 | docs: {
|
17 | description: "disallow `javascript:` urls",
|
18 | category: "Best Practices",
|
19 | recommended: false,
|
20 | url: "https://eslint.org/docs/rules/no-script-url"
|
21 | },
|
22 |
|
23 | schema: []
|
24 | },
|
25 |
|
26 | create(context) {
|
27 |
|
28 | return {
|
29 |
|
30 | Literal(node) {
|
31 | if (node.value && typeof node.value === "string") {
|
32 | const value = node.value.toLowerCase();
|
33 |
|
34 | if (value.indexOf("javascript:") === 0) {
|
35 | context.report({ node, message: "Script URL is a form of eval." });
|
36 | }
|
37 | }
|
38 | }
|
39 | };
|
40 |
|
41 | }
|
42 | };
|