no-script-url.js
987 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
/**
* @fileoverview Rule to flag when using javascript: urls
* @author Ilya Volodin
*/
/* jshint scripturl: true */
/* eslint no-script-url: 0 */
"use strict";
//------------------------------------------------------------------------------
// Rule Definition
//------------------------------------------------------------------------------
module.exports = {
meta: {
docs: {
description: "disallow `javascript:` urls",
category: "Best Practices",
recommended: false
},
schema: []
},
create(context) {
return {
Literal(node) {
if (node.value && typeof node.value === "string") {
const value = node.value.toLowerCase();
if (value.indexOf("javascript:") === 0) {
context.report({ node, message: "Script URL is a form of eval." });
}
}
}
};
}
};