webhook/node_modules/eslint-plugin-github/lib/rules/unescaped-html-literal.js
Joel Male 1ada95e04a
v2.0.0 (#12)
- Convert project to Javascript/Typescript
- Allow custom headers to be passed in (optional)
- Allow body to be optional
2020-08-26 10:52:47 +10:00

25 lines
565 B
JavaScript

module.exports = function(context) {
const htmlOpenTag = /^<[a-zA-Z]/
const message = 'Unescaped HTML literal. Use html`` tag template literal for secure escaping.'
return {
Literal(node) {
if (!htmlOpenTag.test(node.value)) return
context.report({
node,
message
})
},
TemplateLiteral(node) {
if (!htmlOpenTag.test(node.quasis[0].value.raw)) return
if (!node.parent.tag || node.parent.tag.name !== 'html') {
context.report({
node,
message
})
}
}
}
}