134 lines
3.7 KiB
JavaScript
134 lines
3.7 KiB
JavaScript
|
/**
|
||
|
* @fileoverview HTML special characters should be escaped.
|
||
|
* @author Patrick Hayes
|
||
|
*/
|
||
|
|
||
|
'use strict';
|
||
|
|
||
|
const docsUrl = require('../util/docsUrl');
|
||
|
const jsxUtil = require('../util/jsx');
|
||
|
const report = require('../util/report');
|
||
|
|
||
|
// ------------------------------------------------------------------------------
|
||
|
// Rule Definition
|
||
|
// ------------------------------------------------------------------------------
|
||
|
|
||
|
// NOTE: '<' and '{' are also problematic characters, but they do not need
|
||
|
// to be included here because it is a syntax error when these characters are
|
||
|
// included accidentally.
|
||
|
const DEFAULTS = [{
|
||
|
char: '>',
|
||
|
alternatives: ['>'],
|
||
|
}, {
|
||
|
char: '"',
|
||
|
alternatives: ['"', '“', '"', '”'],
|
||
|
}, {
|
||
|
char: '\'',
|
||
|
alternatives: [''', '‘', ''', '’'],
|
||
|
}, {
|
||
|
char: '}',
|
||
|
alternatives: ['}'],
|
||
|
}];
|
||
|
|
||
|
const messages = {
|
||
|
unescapedEntity: 'HTML entity, `{{entity}}` , must be escaped.',
|
||
|
unescapedEntityAlts: '`{{entity}}` can be escaped with {{alts}}.',
|
||
|
};
|
||
|
|
||
|
module.exports = {
|
||
|
meta: {
|
||
|
docs: {
|
||
|
description: 'Disallow unescaped HTML entities from appearing in markup',
|
||
|
category: 'Possible Errors',
|
||
|
recommended: true,
|
||
|
url: docsUrl('no-unescaped-entities'),
|
||
|
},
|
||
|
|
||
|
messages,
|
||
|
|
||
|
schema: [{
|
||
|
type: 'object',
|
||
|
properties: {
|
||
|
forbid: {
|
||
|
type: 'array',
|
||
|
items: {
|
||
|
anyOf: [{
|
||
|
type: 'string',
|
||
|
}, {
|
||
|
type: 'object',
|
||
|
properties: {
|
||
|
char: {
|
||
|
type: 'string',
|
||
|
},
|
||
|
alternatives: {
|
||
|
type: 'array',
|
||
|
uniqueItems: true,
|
||
|
items: {
|
||
|
type: 'string',
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
}],
|
||
|
},
|
||
|
},
|
||
|
},
|
||
|
additionalProperties: false,
|
||
|
}],
|
||
|
},
|
||
|
|
||
|
create(context) {
|
||
|
function reportInvalidEntity(node) {
|
||
|
const configuration = context.options[0] || {};
|
||
|
const entities = configuration.forbid || DEFAULTS;
|
||
|
|
||
|
// HTML entities are already escaped in node.value (as well as node.raw),
|
||
|
// so pull the raw text from context.getSourceCode()
|
||
|
for (let i = node.loc.start.line; i <= node.loc.end.line; i++) {
|
||
|
let rawLine = context.getSourceCode().lines[i - 1];
|
||
|
let start = 0;
|
||
|
let end = rawLine.length;
|
||
|
if (i === node.loc.start.line) {
|
||
|
start = node.loc.start.column;
|
||
|
}
|
||
|
if (i === node.loc.end.line) {
|
||
|
end = node.loc.end.column;
|
||
|
}
|
||
|
rawLine = rawLine.slice(start, end);
|
||
|
for (let j = 0; j < entities.length; j++) {
|
||
|
for (let index = 0; index < rawLine.length; index++) {
|
||
|
const c = rawLine[index];
|
||
|
if (typeof entities[j] === 'string') {
|
||
|
if (c === entities[j]) {
|
||
|
report(context, messages.unescapedEntity, 'unescapedEntity', {
|
||
|
node,
|
||
|
loc: { line: i, column: start + index },
|
||
|
data: {
|
||
|
entity: entities[j],
|
||
|
},
|
||
|
});
|
||
|
}
|
||
|
} else if (c === entities[j].char) {
|
||
|
report(context, messages.unescapedEntityAlts, 'unescapedEntityAlts', {
|
||
|
node,
|
||
|
loc: { line: i, column: start + index },
|
||
|
data: {
|
||
|
entity: entities[j].char,
|
||
|
alts: entities[j].alternatives.map((alt) => `\`${alt}\``).join(', '),
|
||
|
},
|
||
|
});
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return {
|
||
|
'Literal, JSXText'(node) {
|
||
|
if (jsxUtil.isJSX(node.parent)) {
|
||
|
reportInvalidEntity(node);
|
||
|
}
|
||
|
},
|
||
|
};
|
||
|
},
|
||
|
};
|