no-unescaped-entities.js
3.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/**
* @fileoverview HTML special characters should be escaped.
* @author Patrick Hayes
*/
'use strict';
const docsUrl = require('../util/docsUrl');
const jsxUtil = require('../util/jsx');
// ------------------------------------------------------------------------------
// Rule Definition
// ------------------------------------------------------------------------------
// NOTE: '<' and '{' are also problematic characters, but they do not need
// to be included here because it is a syntax error when these characters are
// included accidentally.
const DEFAULTS = [{
char: '>',
alternatives: ['>']
}, {
char: '"',
alternatives: ['"', '“', '"', '”']
}, {
char: '\'',
alternatives: [''', '‘', ''', '’']
}, {
char: '}',
alternatives: ['}']
}];
module.exports = {
meta: {
docs: {
description: 'Detect unescaped HTML entities, which might represent malformed tags',
category: 'Possible Errors',
recommended: true,
url: docsUrl('no-unescaped-entities')
},
schema: [{
type: 'object',
properties: {
forbid: {
type: 'array',
items: {
oneOf: [{
type: 'string'
}, {
type: 'object',
properties: {
char: {
type: 'string'
},
alternatives: {
type: 'array',
uniqueItems: true,
items: {
type: 'string'
}
}
}
}]
}
}
},
additionalProperties: false
}]
},
create(context) {
function reportInvalidEntity(node) {
const configuration = context.options[0] || {};
const entities = configuration.forbid || DEFAULTS;
// HTML entites are already escaped in node.value (as well as node.raw),
// so pull the raw text from context.getSourceCode()
for (let i = node.loc.start.line; i <= node.loc.end.line; i++) {
let rawLine = context.getSourceCode().lines[i - 1];
let start = 0;
let end = rawLine.length;
if (i === node.loc.start.line) {
start = node.loc.start.column;
}
if (i === node.loc.end.line) {
end = node.loc.end.column;
}
rawLine = rawLine.substring(start, end);
for (let j = 0; j < entities.length; j++) {
for (let index = 0; index < rawLine.length; index++) {
const c = rawLine[index];
if (typeof entities[j] === 'string') {
if (c === entities[j]) {
context.report({
loc: {line: i, column: start + index},
message: `HTML entity, \`${entities[j]}\` , must be escaped.`,
node
});
}
} else if (c === entities[j].char) {
context.report({
loc: {line: i, column: start + index},
message: `\`${entities[j].char}\` can be escaped with ${entities[j].alternatives.map((alt) => `\`${alt}\``).join(', ')}.`,
node
});
}
}
}
}
}
return {
'Literal, JSXText'(node) {
if (jsxUtil.isJSX(node.parent)) {
reportInvalidEntity(node);
}
}
};
}
};