mirror of
https://github.com/joelwmale/webhook-action.git
synced 2024-12-04 21:24:29 +01:00
26 lines
565 B
JavaScript
26 lines
565 B
JavaScript
|
module.exports = function(context) {
|
||
|
const htmlOpenTag = /^<[a-zA-Z]/
|
||
|
const message = 'Unescaped HTML literal. Use html`` tag template literal for secure escaping.'
|
||
|
|
||
|
return {
|
||
|
Literal(node) {
|
||
|
if (!htmlOpenTag.test(node.value)) return
|
||
|
|
||
|
context.report({
|
||
|
node,
|
||
|
message
|
||
|
})
|
||
|
},
|
||
|
TemplateLiteral(node) {
|
||
|
if (!htmlOpenTag.test(node.quasis[0].value.raw)) return
|
||
|
|
||
|
if (!node.parent.tag || node.parent.tag.name !== 'html') {
|
||
|
context.report({
|
||
|
node,
|
||
|
message
|
||
|
})
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|