mirror of
https://github.com/joelwmale/webhook-action.git
synced 2024-08-25 08:08:00 +00:00
26 lines
565 B
JavaScript
26 lines
565 B
JavaScript
module.exports = function(context) {
|
|
const htmlOpenTag = /^<[a-zA-Z]/
|
|
const message = 'Unescaped HTML literal. Use html`` tag template literal for secure escaping.'
|
|
|
|
return {
|
|
Literal(node) {
|
|
if (!htmlOpenTag.test(node.value)) return
|
|
|
|
context.report({
|
|
node,
|
|
message
|
|
})
|
|
},
|
|
TemplateLiteral(node) {
|
|
if (!htmlOpenTag.test(node.quasis[0].value.raw)) return
|
|
|
|
if (!node.parent.tag || node.parent.tag.name !== 'html') {
|
|
context.report({
|
|
node,
|
|
message
|
|
})
|
|
}
|
|
}
|
|
}
|
|
}
|