website-auditfy
> Tool to validate your project on SEO, HTML, CSS, JS, TS, Performance, Security and A11Y
;
/**
 * TypeScript-emitted interop helper: exposes property `key` of `source` on
 * `target` under the name `alias` (defaults to `key`).
 *
 * An existing `this.__createBinding` is reused when present; otherwise one of
 * two implementations is chosen depending on whether `Object.create` exists.
 */
var __createBinding = (this && this.__createBinding) || (Object.create ? (function (target, source, key, alias) {
    if (alias === undefined) {
        alias = key;
    }
    var descriptor = Object.getOwnPropertyDescriptor(source, key);
    var useLiveGetter;
    if (!descriptor) {
        // No own property on the source: always forward through a getter.
        useLiveGetter = true;
    }
    else if ("get" in descriptor) {
        // Accessor property: keep it as-is only for modules flagged __esModule.
        useLiveGetter = !source.__esModule;
    }
    else {
        // Data property: a value that can still change needs a live getter.
        useLiveGetter = descriptor.writable || descriptor.configurable;
    }
    if (useLiveGetter) {
        descriptor = {
            enumerable: true,
            get: function () { return source[key]; }
        };
    }
    Object.defineProperty(target, alias, descriptor);
}) : (function (target, source, key, alias) {
    // Fallback path: plain copy of the current value.
    if (alias === undefined) {
        alias = key;
    }
    target[alias] = source[key];
}));
/**
 * TypeScript-emitted interop helper: stores `value` as the `default` member
 * of `target`. With `Object.create` available the member is defined as an
 * enumerable property through `Object.defineProperty`; otherwise it is a
 * plain assignment.
 */
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function (target, value) {
    var descriptor = { enumerable: true, value: value };
    Object.defineProperty(target, "default", descriptor);
}) : function (target, value) {
    target["default"] = value;
});
/**
 * TypeScript-emitted interop helper behind `import * as ns from "..."`.
 *
 * A module already flagged `__esModule` is returned untouched. Anything else
 * is wrapped in a fresh object that re-exposes every own key except
 * "default" via `__createBinding`, and gets the module itself attached as
 * `default` via `__setModuleDefault`.
 */
var __importStar = (this && this.__importStar) || (function () {
    // Picks the key-listing strategy on first use, then rebinds itself to it.
    var listOwnKeys = function (obj) {
        listOwnKeys = Object.getOwnPropertyNames || function (target) {
            var names = [];
            for (var name in target) {
                if (Object.prototype.hasOwnProperty.call(target, name)) {
                    names[names.length] = name;
                }
            }
            return names;
        };
        return listOwnKeys(obj);
    };
    return function (mod) {
        if (mod && mod.__esModule) {
            return mod;
        }
        var namespace = {};
        if (mod != null) {
            var keys = listOwnKeys(mod);
            for (var idx = 0; idx < keys.length; idx++) {
                if (keys[idx] === "default") {
                    continue;
                }
                __createBinding(namespace, mod, keys[idx]);
            }
        }
        __setModuleDefault(namespace, mod);
        return namespace;
    };
})();
// TypeScript-emitted helper that runs a generator function as an asynchronous
// function: every value the generator yields is awaited and its settled result
// is fed back into the generator. An existing `this.__awaiter` is reused when
// present.
//   thisArg    - `this` value the generator is invoked with
//   _arguments - argument list for the generator (an empty list when falsy)
//   P          - promise constructor to use; falls back to the global Promise
//   generator  - generator function holding the body of the async function
// Returns a promise (of type P) that resolves with the generator's return value
// and rejects with any error thrown while stepping it.
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
// Wrap a yielded value in P unless it already is an instance of P.
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
return new (P || (P = Promise))(function (resolve, reject) {
// Resume the generator with the fulfilled value; a throw rejects the outer promise.
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
// Re-raise the rejection inside the generator so its own try/catch can see it.
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
// Finish when the generator is done, otherwise wait for the yielded value.
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
// Instantiate the generator and take the first step.
step((generator = generator.apply(thisArg, _arguments || [])).next());
});
};
/**
 * TypeScript-emitted interop helper behind `import x from "..."`.
 * A module flagged `__esModule` is returned unchanged; any other value is
 * wrapped so that it becomes the `default` member of a new object.
 */
var __importDefault = (this && this.__importDefault) || function (mod) {
    if (mod && mod.__esModule) {
        return mod;
    }
    return { "default": mod };
};
// Flag this CommonJS module with `__esModule`; the interop helpers above return
// modules carrying that flag unchanged instead of wrapping them.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the export slot up front; the class is assigned to it at the end of the file.
exports.SecurityModule = void 0;
const audit_model_1 = require("../../models/audit.model");
const eslint_1 = require("eslint");
const pluginSecurity = __importStar(require("eslint-plugin-security"));
const url_utils_1 = require("../../utils/url.utils");
const node_path_1 = __importDefault(require("node:path"));
const glob_1 = require("glob");
const chalk_1 = __importDefault(require("chalk"));
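/**
 * True when `location` is an absolute http:// or https:// URL.
 *
 * The test is anchored at the start of the string on purpose: a substring or
 * bare-prefix match would also classify local paths such as
 * `/srv/http/app.js` or `httpClient.js` as remote and hand them to the
 * downloader.
 */
function isRemoteScript(location) {
    return /^https?:\/\//i.test(location);
}
/**
 * File name under which a downloaded script is presented to ESLint.
 *
 * Uses the URL's path component so that a query string or fragment
 * (`app.js?v=3`) does not become part of the name; such a suffix may keep the
 * text from matching the linter's `.js` file patterns, which would leave the
 * script unaudited (TODO confirm against the ESLint version in use).
 * Falls back to the plain basename of the whole URL when it cannot be parsed
 * or has no path segment.
 */
function lintFileNameFor(scriptUrl) {
    const fallback = node_path_1.default.basename(scriptUrl);
    try {
        return node_path_1.default.basename(new URL(scriptUrl).pathname) || fallback;
    }
    catch (e) {
        return fallback;
    }
}
/**
 * Security audit module: lints the page's JavaScript with
 * eslint-plugin-security and runs the configured security rules.
 */
class SecurityModule extends audit_model_1.Audit {
    /**
     * @param source        Audit target; `isURL`, `url` and `file.dir` are read here.
     * @param dom           Callable DOM query object, used as `this.dom('script')`.
     * @param lightHouse    Lighthouse result; `lhr.audits` is handed to every rule.
     * @param htmlValidator Passed through to every rule unchanged.
     * @param config        Stored on the instance; not read in this class.
     */
    constructor(source, dom, lightHouse, htmlValidator, config) {
        super();
        this.dom = dom;
        this.source = source;
        this.config = config;
        this.lighthouse = lightHouse;
        this.htmlValidator = htmlValidator;
        this.name = 'Security';
    }
    /**
     * Instantiates every rule found next to this module and runs the ones
     * listed in the security configuration.
     *
     * @returns {Promise<Array>} Concatenated results of all rules that ran.
     */
    check() {
        return __awaiter(this, void 0, void 0, function* () {
            const results = [];
            const eslintResult = yield this.getEsLintResults();
            const ruleImportList = yield this.getRuleImportList(__dirname);
            const securityConfigRules = this.getConfigRules();
            // A Map keeps configuration keys such as "__proto__" or
            // "constructor" from resolving to Object.prototype members, which a
            // plain-object lookup followed by `instance.ruleFlow = flow` would
            // then write to. Ids are stringified to match Object.entries keys.
            const ruleInstances = new Map();
            for (const Rule of ruleImportList) {
                const instance = new Rule(this.dom, this.lighthouse.lhr.audits, this.htmlValidator, eslintResult);
                ruleInstances.set(String(instance.id), instance);
            }
            for (const [rule, flow] of Object.entries(securityConfigRules)) {
                const instance = ruleInstances.get(rule);
                if (!instance) {
                    console.log(`\n${chalk_1.default.red('✘')} can't find rule ${rule} on ${this.name} module`);
                    continue;
                }
                try {
                    instance.ruleFlow = flow;
                    results.push(...instance.check());
                }
                catch (e) {
                    // A rule that throws is reported as a failure of that rule,
                    // not as a missing rule, so a skipped security check is
                    // visible for what it is. The audit continues with the
                    // remaining rules.
                    console.log(`\n${chalk_1.default.red('✘')} rule ${rule} failed on ${this.name} module: ${e instanceof Error ? e.message : e}`);
                }
            }
            return results;
        });
    }
    /**
     * Lints every script returned by getJavaScriptFiles() with the
     * recommended eslint-plugin-security configuration.
     *
     * Remote scripts are downloaded and linted as text only; local scripts are
     * linted from disk. A failed download rejects the returned promise.
     *
     * @returns {Promise<Array>} ESLint results for all linted scripts.
     */
    getEsLintResults() {
        return __awaiter(this, void 0, void 0, function* () {
            // Only the plugin's recommended config is supplied; presumably
            // `overrideConfigFile: true` keeps the audited project's own ESLint
            // configuration out of the run (TODO confirm).
            const eslint = new eslint_1.ESLint({
                overrideConfigFile: true,
                overrideConfig: Object.assign({}, pluginSecurity.configs.recommended)
            });
            const jsFiles = this.getJavaScriptFiles();
            if (jsFiles.length === 0) {
                return [];
            }
            // One predicate splits the list, so every entry lands in exactly
            // one bucket. Previously the two filters disagreed and http://
            // URLs were also passed to lintFiles() as if they were local paths.
            const remoteScripts = jsFiles.filter(isRemoteScript);
            const localScripts = jsFiles.filter((file) => !isRemoteScript(file));
            const eslintResult = [];
            // Awaiting the downloads together avoids leaving a rejected
            // download unobserved while an earlier script is still being linted.
            const downloads = yield Promise.all(remoteScripts.map((url) => url_utils_1.URLUtils.download(url)));
            for (let i = 0; i < remoteScripts.length; i++) {
                const lintFileResult = yield eslint.lintText(downloads[i], {
                    filePath: lintFileNameFor(remoteScripts[i])
                });
                eslintResult.push(...lintFileResult);
            }
            // An empty pattern list is not guaranteed to be a no-op in every
            // ESLint release (TODO confirm for the pinned version), so the call
            // is skipped when there is nothing local to lint.
            if (localScripts.length > 0) {
                eslintResult.push(...(yield eslint.lintFiles(localScripts)));
            }
            return eslintResult;
        });
    }
    /**
     * Collects the scripts to audit: every `*.js` file below the source
     * directory (local sources only) plus every `<script src>` of the page.
     *
     * @returns {string[]} De-duplicated list of file paths and absolute URLs.
     */
    getJavaScriptFiles() {
        const jsFiles = [];
        if (!this.source.isURL) {
            jsFiles.push(...(0, glob_1.globSync)(`${this.source.file.dir}/**/*.js`));
        }
        this.dom('script').each((i, elem) => {
            const src = this.dom(elem).attr('src');
            if (!src) {
                return;
            }
            if (isRemoteScript(src)) {
                jsFiles.push(src);
                return;
            }
            // NOTE(review): `src` comes from the audited page and is joined by
            // plain concatenation, so protocol-relative (`//host/x.js`),
            // root-relative (`/x.js`) and `../` references are not resolved or
            // confined to the source directory here - confirm whether that is
            // acceptable for the inputs this tool is run on.
            const prefixPath = this.source.isURL ? this.source.url : this.source.file.dir;
            jsFiles.push(`${prefixPath}/${src}`);
        });
        return [...new Set(jsFiles)];
    }
}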
// Publish the class on the CommonJS exports object.
exports.SecurityModule = SecurityModule;
//# sourceMappingURL=security.module.js.map