webhook-action/node_modules/eslint-plugin-github/lib/rules/unescaped-html-literal.js
2022-11-10 20:43:16 +10:00

37 lines
774 B
JavaScript

module.exports = {
meta: {
type: 'problem',
docs: {
description: 'disallow unescaped HTML literals',
url: require('../url')(module)
},
schema: []
},
create(context) {
const htmlOpenTag = /^<[a-zA-Z]/
const message = 'Unescaped HTML literal. Use html`` tag template literal for secure escaping.'
return {
Literal(node) {
if (!htmlOpenTag.test(node.value)) return
context.report({
node,
message
})
},
TemplateLiteral(node) {
if (!htmlOpenTag.test(node.quasis[0].value.raw)) return
if (!node.parent.tag || node.parent.tag.name !== 'html') {
context.report({
node,
message
})
}
}
}
}
}