forked from ember-cli/eslint-plugin-ember
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtemplate-link-rel-noopener.js
More file actions
57 lines (54 loc) · 1.71 KB
/
template-link-rel-noopener.js
File metadata and controls
57 lines (54 loc) · 1.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
/** @type {import('eslint').Rule.RuleModule} */
module.exports = {
meta: {
type: 'problem',
docs: {
description: 'require rel="noopener noreferrer" on links with target="_blank"',
category: 'Security',
strictGjs: true,
strictGts: true,
url: 'https://github.com/ember-cli/eslint-plugin-ember/tree/master/docs/rules/template-link-rel-noopener.md',
},
fixable: 'code',
schema: [],
messages: {
missingRel: 'links with target="_blank" must have rel="noopener noreferrer"',
},
},
create(context) {
return {
GlimmerElementNode(node) {
if (node.tag !== 'a') {
return;
}
const targetAttr = node.attributes?.find((a) => a.name === 'target');
if (!targetAttr?.value || targetAttr.value.type !== 'GlimmerTextNode') {
return;
}
if (targetAttr.value.chars !== '_blank') {
return;
}
const relAttr = node.attributes?.find((a) => a.name === 'rel');
const hasProperRel =
relAttr?.value?.type === 'GlimmerTextNode' &&
/noopener/.test(relAttr.value.chars) &&
/noreferrer/.test(relAttr.value.chars);
if (!hasProperRel) {
context.report({
node: targetAttr,
messageId: 'missingRel',
fix(fixer) {
const sourceCode = context.sourceCode;
const openTag = sourceCode.getText(node).match(/^<a[^>]*/)[0];
const insertPos = node.range[0] + openTag.length;
return fixer.insertTextBeforeRange(
[insertPos, insertPos],
' rel="noopener noreferrer"'
);
},
});
}
},
};
},
};