eslint-plugin-sonarjs
Version:
SonarJS rules for ESLint
47 lines (46 loc) • 2.07 kB
JavaScript
;
/*
* SonarQube JavaScript Plugin
* Copyright (C) 2011-2024 SonarSource SA
* mailto:info AT sonarsource DOT com
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 3 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
// https://sonarsource.github.io/rspec/#/rspec/S5743/javascript
Object.defineProperty(exports, "__esModule", { value: true });
exports.rule = void 0;
const helpers_1 = require("../helpers");
const meta_1 = require("./meta");
const MESSAGE = 'Make sure allowing browsers to perform DNS prefetching is safe here.';
exports.rule = {
meta: (0, helpers_1.generateMeta)(meta_1.meta, undefined, true),
create(context) {
return {
CallExpression: (node) => {
const callExpression = node;
const fqn = (0, helpers_1.getFullyQualifiedName)(context, callExpression);
if (fqn === 'helmet.dnsPrefetchControl') {
(0, helpers_1.checkSensitiveCall)(context, callExpression, 0, 'allow', true, MESSAGE);
}
if (fqn === 'helmet') {
(0, helpers_1.checkSensitiveCall)(context, callExpression, 0, 'dnsPrefetchControl', false, MESSAGE);
}
if (fqn === 'dns-prefetch-control') {
(0, helpers_1.checkSensitiveCall)(context, callExpression, 0, 'allow', true, MESSAGE);
}
},
};
},
};