UNPKG

eslint-plugin-security

Version:

Security rules for eslint

github.com/eslint-community/eslint-plugin-security

eslint-community/eslint-plugin-security

75 lines (68 loc) 3.02 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
'use strict'; const RuleTester = require('eslint').RuleTester; const tester = new RuleTester(); const ruleName = 'detect-bidi-characters'; const Rule = require(`../../rules/${ruleName}`); tester.run(ruleName, Rule, { valid: [ { code: ` var accessLevel = "user"; if (accessLevel != "user") { // Check if admin console.log("You are an admin."); } `, }, ], invalid: [ { code: ` var accessLevel = "user"; if (accessLevel != "user‮ ⁦// Check if admin⁩ ⁦") { console.log("You are an admin."); } `, errors: [ { message: /Detected potential trojan source attack with unicode bidi introduced in this code/i, line: 3, endLine: 3, column: 31, endColumn: 32 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this code/i, line: 3, endLine: 3, column: 33, endColumn: 34 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this code/i, line: 3, endLine: 3, column: 51, endColumn: 52 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this code/i, line: 3, endLine: 3, column: 53, endColumn: 54 }, ], }, ], }); tester.run(`${ruleName} in comment-line`, Rule, { valid: [ { code: ` var isAdmin = false; /* begin admins only */ if (isAdmin) { console.log("You are an admin."); /* end admins only */ } `, }, ], invalid: [ { code: ` var isAdmin = false; /*‮ } ⁦if (isAdmin)⁩ begin admins only */ console.log("You are an admin."); /* end admins only ⁦*/ /* end admins only { ⁦*/ `, errors: [ { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 3, endLine: 3, column: 9, endColumn: 10 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 3, endLine: 3, column: 13, endColumn: 14 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 3, endLine: 3, column: 26, endColumn: 27 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 3, endLine: 3, column: 28, endColumn: 29 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 5, endLine: 5, column: 26, endColumn: 27 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 6, endLine: 6, column: 1, endColumn: 2 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 7, endLine: 7, column: 26, endColumn: 27 }, { message: /Detected potential trojan source attack with unicode bidi introduced in this comment/i, line: 8, endLine: 8, column: 4, endColumn: 5 }, ], }, ], });