"use strict"; /* * SonarQube JavaScript Plugin * Copyright (C) 2011-2025 SonarSource SA * mailto:info AT sonarsource DOT com * * This program is free software; you can redistribute it and/or * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the Sonar Source-Available License for more details. * * You should have received a copy of the Sonar Source-Available License * along with this program; if not, see https://sonarsource.com/license/ssal/ */ // https://sonarsource.github.io/rspec/#/rspec/S6249/javascript Object.defineProperty(exports, "__esModule", { value: true }); exports.rule = void 0; const index_js_1 = require("../helpers/index.js"); const meta_js_1 = require("./meta.js"); const ENFORCE_SSL_KEY = 'enforceSSL'; const messages = { authorized: 'Make sure authorizing HTTP requests is safe here.', omitted: "Omitting 'enforceSSL' authorizes HTTP requests. Make sure it is safe here.", }; exports.rule = (0, index_js_1.S3BucketTemplate)((bucket, context) => { const enforceSSLProperty = (0, index_js_1.getBucketProperty)(context, bucket, ENFORCE_SSL_KEY); if (enforceSSLProperty == null) { context.report({ message: messages['omitted'], node: bucket.callee, }); return; } const enforceSSLValue = (0, index_js_1.getValueOfExpression)(context, enforceSSLProperty.value, 'Literal'); if (enforceSSLValue?.value === false) { context.report({ message: messages['authorized'], node: enforceSSLProperty, }); } }, (0, index_js_1.generateMeta)(meta_js_1.meta));