UNPKG

eslint/lib/rules/no-script-url.js

Version:

1.74 kBJavaScriptView Raw

1/**
2 * @fileoverview Rule to flag when using javascript: urls
3 * @author Ilya Volodin
4 */
5/* jshint scripturl: true */
6/* eslint no-script-url: 0 */
7
8"use strict";
9
10const astUtils = require("./utils/ast-utils");
11
12//------------------------------------------------------------------------------
13// Rule Definition
14//------------------------------------------------------------------------------
15
16module.exports = {
17    meta: {
18        type: "suggestion",
19
20        docs: {
21            description: "disallow `javascript:` urls",
22            category: "Best Practices",
23            recommended: false,
24            url: "https://eslint.org/docs/rules/no-script-url"
25        },
26
27        schema: [],
28
29        messages: {
30            unexpectedScriptURL: "Script URL is a form of eval."
31        }
32    },
33
34    create(context) {
35
36        /**
37         * Check whether a node's static value starts with "javascript:" or not.
38         * And report an error for unexpected script URL.
39         * @param {ASTNode} node node to check
40         * @returns {void}
41         */
42        function check(node) {
43            const value = astUtils.getStaticStringValue(node);
44
45            if (typeof value === "string" && value.toLowerCase().indexOf("javascript:") === 0) {
46                context.report({ node, messageId: "unexpectedScriptURL" });
47            }
48        }
49        return {
50            Literal(node) {
51                if (node.value && typeof node.value === "string") {
52                    check(node);
53                }
54            },
55            TemplateLiteral(node) {
56                if (!(node.parent && node.parent.type === "TaggedTemplateExpression")) {
57                    check(node);
58                }
59            }
60        };
61    }
62};

1	`/**`
2	`* @fileoverview Rule to flag when using javascript: urls`
3	`* @author Ilya Volodin`
4	`*/`
5	`/* jshint scripturl: true */`
6	`/* eslint no-script-url: 0 */`
7
8	`"use strict";`
9
10	`const astUtils = require("./utils/ast-utils");`
11
12	`//------------------------------------------------------------------------------`
13	`// Rule Definition`
14	`//------------------------------------------------------------------------------`
15
16	`module.exports = {`
17	`meta: {`
18	`type: "suggestion",`
19
20	`docs: {`
21	description: "disallow `javascript:` urls",
22	`category: "Best Practices",`
23	`recommended: false,`
24	`url: "https://eslint.org/docs/rules/no-script-url"`
25	`},`
26
27	`schema: [],`
28
29	`messages: {`
30	`unexpectedScriptURL: "Script URL is a form of eval."`
31	`}`
32	`},`
33
34	`create(context) {`
35
36	`/**`
37	`* Check whether a node's static value starts with "javascript:" or not.`
38	`* And report an error for unexpected script URL.`
39	`* @param {ASTNode} node node to check`
40	`* @returns {void}`
41	`*/`
42	`function check(node) {`
43	`const value = astUtils.getStaticStringValue(node);`
44
45	`if (typeof value === "string" && value.toLowerCase().indexOf("javascript:") === 0) {`
46	`context.report({ node, messageId: "unexpectedScriptURL" });`
47	`}`
48	`}`
49	`return {`
50	`Literal(node) {`
51	`if (node.value && typeof node.value === "string") {`
52	`check(node);`
53	`}`
54	`},`
55	`TemplateLiteral(node) {`
56	`if (!(node.parent && node.parent.type === "TaggedTemplateExpression")) {`
57	`check(node);`
58	`}`
59	`}`
60	`};`
61	`}`
62	`};`