eslint-plugin-sdl-2 1.0.4

package/dist/rules/no-electron-webview-allowpopups.js

@@ -0,0 +1,85 @@
+import { createRule } from "../_internal/create-rule.js";
+const isJsxWebviewElement = (node) => {
+    if (node.name.type === "JSXIdentifier") {
+        return node.name.name.toLowerCase() === "webview";
+    }
+    return false;
+};
+const getJsxAttributeName = (attributeNode) => {
+    if (attributeNode.name.type !== "JSXIdentifier") {
+        return undefined;
+    }
+    return attributeNode.name.name.toLowerCase();
+};
+const isTruthyJsxAttributeValue = (attributeValue) => {
+    if (attributeValue === null) {
+        return true;
+    }
+    if (attributeValue.type === "Literal") {
+        if (typeof attributeValue.value === "boolean") {
+            return attributeValue.value;
+        }
+        if (typeof attributeValue.value === "string") {
+            return attributeValue.value.toLowerCase() !== "false";
+        }
+        return false;
+    }
+    if (attributeValue.type !== "JSXExpressionContainer") {
+        return false;
+    }
+    if (attributeValue.expression.type === "Literal" &&
+        typeof attributeValue.expression.value === "boolean") {
+        return attributeValue.expression.value;
+    }
+    return true;
+};
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            JSXOpeningElement(node) {
+                if (!isJsxWebviewElement(node)) {
+                    return;
+                }
+                for (const attributeNode of node.attributes) {
+                    if (attributeNode.type !== "JSXAttribute") {
+                        continue;
+                    }
+                    if (getJsxAttributeName(attributeNode) !== "allowpopups") {
+                        continue;
+                    }
+                    if (!isTruthyJsxAttributeValue(attributeNode.value)) {
+                        continue;
+                    }
+                    context.report({
+                        fix(fixer) {
+                            return fixer.remove(attributeNode);
+                        },
+                        messageId: "default",
+                        node: attributeNode,
+                    });
+                }
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow enabling allowpopups in Electron webview elements.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-electron-webview-allowpopups",
+        },
+        fixable: "code",
+        messages: {
+            default: "Do not enable allowpopups on Electron webview elements.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-electron-webview-allowpopups",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-electron-webview-allowpopups.js.map

package/dist/rules/no-electron-webview-allowpopups.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-electron-webview-allowpopups.js","sourceRoot":"","sources":["../../src/rules/no-electron-webview-allowpopups.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,mBAAmB,GAAG,CAAC,IAAgC,EAAW,EAAE;IACtE,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QACrC,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,SAAS,CAAC;IACtD,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AAEF,MAAM,mBAAmB,GAAG,CACxB,aAAoC,EAClB,EAAE;IACpB,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QAC9C,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;AACjD,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,CAC9B,cAA8C,EACvC,EAAE;IACT,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QACpC,IAAI,OAAO,cAAc,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC5C,OAAO,cAAc,CAAC,KAAK,CAAC;QAChC,CAAC;QAED,IAAI,OAAO,cAAc,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC3C,OAAO,cAAc,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC;QAC1D,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,wBAAwB,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IACI,cAAc,CAAC,UAAU,CAAC,IAAI,KAAK,SAAS;QAC5C,OAAO,cAAc,CAAC,UAAU,CAAC,KAAK,KAAK,SAAS,EACtD,CAAC;QACC,OAAO,cAAc,CAAC,UAAU,CAAC,KAAK,CAAC;IAC3C,CAAC;IAED,OAAO,IAAI,CAAC;AAChB,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,iBAAiB,CAAC,IAAgC;gBAC9C,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7B,OAAO;gBACX,CAAC;gBAED,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBAC1C,IAAI,aAAa,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;wBACxC,SAAS;oBACb,CAAC;oBAED,IAAI,mBAAmB,CAAC,aAAa,CAAC,KAAK,aAAa,EAAE,CAAC;wBACvD,SAAS;oBACb,CAAC;oBAED,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;wBAClD,SAAS;oBACb,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACX,GAAG,CAAC,KAAK;4BACL,OAAO,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;wBACvC,CAAC;wBACD,SAAS,EAAE,SAAS;wBACpB,IAAI,EAAE,aAAa;qBACtB,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,6DAA6D;YACjE,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,6FAA6F;SACrG;QACD,OAAO,EAAE,MAAM;QACf,QAAQ,EAAE;YACN,OAAO,EAAE,yDAAyD;SACrE;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,iCAAiC;CAC1C,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-electron-webview-insecure-webpreferences.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-electron-webview-insecure-webpreferences.d.ts.map

package/dist/rules/no-electron-webview-insecure-webpreferences.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-electron-webview-insecure-webpreferences.d.ts","sourceRoot":"","sources":["../../src/rules/no-electron-webview-insecure-webpreferences.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AA+CzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA+DtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-electron-webview-insecure-webpreferences.js

@@ -0,0 +1,88 @@
+import { arrayJoin, isEmpty } from "ts-extras";
+import { createRule } from "../_internal/create-rule.js";
+import { getStaticJsxAttributeStringValue } from "../_internal/estree-utils.js";
+const UNSAFE_WEBPREFERENCES_PATTERNS = [
+    {
+        flagName: "allowRunningInsecureContent",
+        pattern: /\ballowrunninginsecurecontent\s*=\s*(?:1|on|true|yes)\b/iu,
+    },
+    {
+        flagName: "contextIsolation",
+        pattern: /\bcontextisolation\s*=\s*(?:0|false|no|off)\b/iu,
+    },
+    {
+        flagName: "experimentalFeatures",
+        pattern: /\bexperimentalfeatures\s*=\s*(?:1|on|true|yes)\b/iu,
+    },
+    {
+        flagName: "sandbox",
+        pattern: /\bsandbox\s*=\s*(?:0|false|no|off)\b/iu,
+    },
+    {
+        flagName: "webSecurity",
+        pattern: /\bwebsecurity\s*=\s*(?:0|false|no|off)\b/iu,
+    },
+];
+const isJsxWebviewElement = (node) => node.name.type === "JSXIdentifier" &&
+    node.name.name.toLowerCase() === "webview";
+const getJsxAttributeName = (attributeNode) => {
+    if (attributeNode.name.type === "JSXIdentifier") {
+        return attributeNode.name.name.toLowerCase();
+    }
+    return `${attributeNode.name.namespace.name}:${attributeNode.name.name.name}`.toLowerCase();
+};
+const getUnsafeWebPreferencesFlags = (attributeValue) => UNSAFE_WEBPREFERENCES_PATTERNS.flatMap(({ flagName, pattern }) => pattern.test(attributeValue) ? [flagName] : []);
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            JSXOpeningElement(node) {
+                if (!isJsxWebviewElement(node)) {
+                    return;
+                }
+                for (const attributeNode of node.attributes) {
+                    if (attributeNode.type !== "JSXAttribute") {
+                        continue;
+                    }
+                    if (getJsxAttributeName(attributeNode) !== "webpreferences") {
+                        continue;
+                    }
+                    const staticValue = getStaticJsxAttributeStringValue(attributeNode.value);
+                    if (typeof staticValue !== "string") {
+                        continue;
+                    }
+                    const unsafeFlags = getUnsafeWebPreferencesFlags(staticValue);
+                    if (isEmpty(unsafeFlags)) {
+                        continue;
+                    }
+                    context.report({
+                        data: {
+                            flags: arrayJoin(unsafeFlags, ", "),
+                        },
+                        messageId: "default",
+                        node: attributeNode,
+                    });
+                }
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow unsafe Electron webview webpreferences string flags.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-electron-webview-insecure-webpreferences",
+        },
+        messages: {
+            default: "Do not enable unsafe Electron webview webpreferences flags: {{flags}}.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-electron-webview-insecure-webpreferences",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-electron-webview-insecure-webpreferences.js.map

package/dist/rules/no-electron-webview-insecure-webpreferences.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-electron-webview-insecure-webpreferences.js","sourceRoot":"","sources":["../../src/rules/no-electron-webview-insecure-webpreferences.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAE/C,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,gCAAgC,EAAE,MAAM,8BAA8B,CAAC;AAIhF,MAAM,8BAA8B,GAAG;IACnC;QACI,QAAQ,EAAE,6BAA6B;QACvC,OAAO,EAAE,2DAA2D;KACvE;IACD;QACI,QAAQ,EAAE,kBAAkB;QAC5B,OAAO,EAAE,iDAAiD;KAC7D;IACD;QACI,QAAQ,EAAE,sBAAsB;QAChC,OAAO,EAAE,oDAAoD;KAChE;IACD;QACI,QAAQ,EAAE,SAAS;QACnB,OAAO,EAAE,wCAAwC;KACpD;IACD;QACI,QAAQ,EAAE,aAAa;QACvB,OAAO,EAAE,4CAA4C;KACxD;CACK,CAAC;AAEX,MAAM,mBAAmB,GAAG,CAAC,IAAgC,EAAW,EAAE,CACtE,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe;IAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,SAAS,CAAC;AAE/C,MAAM,mBAAmB,GAAG,CAAC,aAAoC,EAAU,EAAE;IACzE,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QAC9C,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;IACjD,CAAC;IAED,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;AAChG,CAAC,CAAC;AAEF,MAAM,4BAA4B,GAAG,CACjC,cAAsB,EACL,EAAE,CACnB,8BAA8B,CAAC,OAAO,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,EAAE,CAC7D,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CACjD,CAAC;AAEN,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,iBAAiB,CAAC,IAAgC;gBAC9C,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7B,OAAO;gBACX,CAAC;gBAED,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBAC1C,IAAI,aAAa,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;wBACxC,SAAS;oBACb,CAAC;oBAED,IACI,mBAAmB,CAAC,aAAa,CAAC,KAAK,gBAAgB,EACzD,CAAC;wBACC,SAAS;oBACb,CAAC;oBAED,MAAM,WAAW,GAAG,gCAAgC,CAChD,aAAa,CAAC,KAAK,CACtB,CAAC;oBAEF,IAAI,OAAO,WAAW,KAAK,QAAQ,EAAE,CAAC;wBAClC,SAAS;oBACb,CAAC;oBAED,MAAM,WAAW,GACb,4BAA4B,CAAC,WAAW,CAAC,CAAC;oBAE9C,IAAI,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;wBACvB,SAAS;oBACb,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACX,IAAI,EAAE;4BACF,KAAK,EAAE,SAAS,CAAC,WAAW,EAAE,IAAI,CAAC;yBACtC;wBACD,SAAS,EAAE,SAAS;wBACpB,IAAI,EAAE,aAAa;qBACtB,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,+DAA+D;YACnE,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,yGAAyG;SACjH;QACD,QAAQ,EAAE;YACN,OAAO,EACH,wEAAwE;SAC/E;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,6CAA6C;CACtD,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-electron-webview-node-integration.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-electron-webview-node-integration.d.ts.map

package/dist/rules/no-electron-webview-node-integration.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-electron-webview-node-integration.d.ts","sourceRoot":"","sources":["../../src/rules/no-electron-webview-node-integration.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AA2EzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAoEtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-electron-webview-node-integration.js

@@ -0,0 +1,107 @@
+import { createRule } from "../_internal/create-rule.js";
+const isJsxWebviewElement = (node) => node.name.type === "JSXIdentifier" &&
+    node.name.name.toLowerCase() === "webview";
+const getJsxAttributeName = (attributeNode) => {
+    if (attributeNode.name.type === "JSXIdentifier") {
+        return attributeNode.name.name.toLowerCase();
+    }
+    return `${attributeNode.name.namespace.name}:${attributeNode.name.name.name}`.toLowerCase();
+};
+const isNodeIntegrationAttribute = (attributeName) => {
+    const normalizedName = attributeName.toLowerCase();
+    return (normalizedName === "nodeintegration" ||
+        normalizedName === "nodeintegrationinsubframes");
+};
+const isTruthyJsxAttributeValue = (attributeValue) => {
+    if (attributeValue === null) {
+        return true;
+    }
+    if (attributeValue.type === "Literal") {
+        if (typeof attributeValue.value === "boolean") {
+            return attributeValue.value;
+        }
+        if (typeof attributeValue.value === "string") {
+            return attributeValue.value.toLowerCase() !== "false";
+        }
+        return false;
+    }
+    if (attributeValue.type !== "JSXExpressionContainer") {
+        return false;
+    }
+    if (attributeValue.expression.type === "Literal" &&
+        typeof attributeValue.expression.value === "boolean") {
+        return attributeValue.expression.value;
+    }
+    return true;
+};
+const webPreferencesHasNodeIntegration = (attributeValue) => {
+    if (attributeValue === null) {
+        return false;
+    }
+    if (attributeValue.type === "Literal" &&
+        typeof attributeValue.value === "string") {
+        return /\bnodeintegration\b/iu.test(attributeValue.value);
+    }
+    return false;
+};
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            JSXOpeningElement(node) {
+                if (!isJsxWebviewElement(node)) {
+                    return;
+                }
+                for (const attributeNode of node.attributes) {
+                    if (attributeNode.type !== "JSXAttribute") {
+                        continue;
+                    }
+                    const attributeName = getJsxAttributeName(attributeNode);
+                    if (isNodeIntegrationAttribute(attributeName)) {
+                        if (!isTruthyJsxAttributeValue(attributeNode.value)) {
+                            continue;
+                        }
+                        context.report({
+                            fix(fixer) {
+                                return fixer.remove(attributeNode);
+                            },
+                            messageId: "default",
+                            node: attributeNode,
+                        });
+                        continue;
+                    }
+                    if (attributeName !== "webpreferences") {
+                        continue;
+                    }
+                    if (!webPreferencesHasNodeIntegration(attributeNode.value)) {
+                        continue;
+                    }
+                    context.report({
+                        messageId: "default",
+                        node: attributeNode,
+                    });
+                }
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow node integration flags on Electron webview elements.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-electron-webview-node-integration",
+        },
+        fixable: "code",
+        messages: {
+            default: "Do not enable node integration options on Electron webview elements.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-electron-webview-node-integration",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-electron-webview-node-integration.js.map

package/dist/rules/no-electron-webview-node-integration.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-electron-webview-node-integration.js","sourceRoot":"","sources":["../../src/rules/no-electron-webview-node-integration.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,mBAAmB,GAAG,CAAC,IAAgC,EAAW,EAAE,CACtE,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe;IAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,SAAS,CAAC;AAE/C,MAAM,mBAAmB,GAAG,CAAC,aAAoC,EAAU,EAAE;IACzE,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QAC9C,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;IACjD,CAAC;IAED,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;AAChG,CAAC,CAAC;AAEF,MAAM,0BAA0B,GAAG,CAAC,aAAqB,EAAW,EAAE;IAClE,MAAM,cAAc,GAAG,aAAa,CAAC,WAAW,EAAE,CAAC;IAEnD,OAAO,CACH,cAAc,KAAK,iBAAiB;QACpC,cAAc,KAAK,4BAA4B,CAClD,CAAC;AACN,CAAC,CAAC;AAEF,MAAM,yBAAyB,GAAG,CAC9B,cAA8C,EACvC,EAAE;IACT,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QACpC,IAAI,OAAO,cAAc,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YAC5C,OAAO,cAAc,CAAC,KAAK,CAAC;QAChC,CAAC;QAED,IAAI,OAAO,cAAc,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC3C,OAAO,cAAc,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC;QAC1D,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,cAAc,CAAC,IAAI,KAAK,wBAAwB,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IACI,cAAc,CAAC,UAAU,CAAC,IAAI,KAAK,SAAS;QAC5C,OAAO,cAAc,CAAC,UAAU,CAAC,KAAK,KAAK,SAAS,EACtD,CAAC;QACC,OAAO,cAAc,CAAC,UAAU,CAAC,KAAK,CAAC;IAC3C,CAAC;IAED,OAAO,IAAI,CAAC;AAChB,CAAC,CAAC;AAEF,MAAM,gCAAgC,GAAG,CACrC,cAA8C,EACvC,EAAE;IACT,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IACI,cAAc,CAAC,IAAI,KAAK,SAAS;QACjC,OAAO,cAAc,CAAC,KAAK,KAAK,QAAQ,EAC1C,CAAC;QACC,OAAO,uBAAuB,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO,KAAK,CAAC;AACjB,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,iBAAiB,CAAC,IAAgC;gBAC9C,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7B,OAAO;gBACX,CAAC;gBAED,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;oBAC1C,IAAI,aAAa,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;wBACxC,SAAS;oBACb,CAAC;oBAED,MAAM,aAAa,GAAG,mBAAmB,CAAC,aAAa,CAAC,CAAC;oBAEzD,IAAI,0BAA0B,CAAC,aAAa,CAAC,EAAE,CAAC;wBAC5C,IAAI,CAAC,yBAAyB,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;4BAClD,SAAS;wBACb,CAAC;wBAED,OAAO,CAAC,MAAM,CAAC;4BACX,GAAG,CAAC,KAAK;gCACL,OAAO,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;4BACvC,CAAC;4BACD,SAAS,EAAE,SAAS;4BACpB,IAAI,EAAE,aAAa;yBACtB,CAAC,CAAC;wBAEH,SAAS;oBACb,CAAC;oBAED,IAAI,aAAa,KAAK,gBAAgB,EAAE,CAAC;wBACrC,SAAS;oBACb,CAAC;oBAED,IACI,CAAC,gCAAgC,CAAC,aAAa,CAAC,KAAK,CAAC,EACxD,CAAC;wBACC,SAAS;oBACb,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACX,SAAS,EAAE,SAAS;wBACpB,IAAI,EAAE,aAAa;qBACtB,CAAC,CAAC;gBACP,CAAC;YACL,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,+DAA+D;YACnE,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,kGAAkG;SAC1G;QACD,OAAO,EAAE,MAAM;QACf,QAAQ,EAAE;YACN,OAAO,EACH,sEAAsE;SAC7E;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,sCAAsC;CAC/C,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-html-method.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-html-method.d.ts.map

package/dist/rules/no-html-method.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-html-method.d.ts","sourceRoot":"","sources":["../../src/rules/no-html-method.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CA6CtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-html-method.js

@@ -0,0 +1,42 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            "CallExpression[arguments.length=1] > MemberExpression.callee[property.name='html']"(node) {
+                const parentCall = node.parent;
+                if (parentCall.type !== "CallExpression") {
+                    return;
+                }
+                const [firstArgument] = parentCall.arguments;
+                if (firstArgument?.type === "Literal" &&
+                    (firstArgument.value === "" || firstArgument.value === null)) {
+                    return;
+                }
+                context.report({
+                    messageId: "default",
+                    node,
+                });
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow direct html(...) DOM writes (for example jQuery html()) that bypass sanitization.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-html-method",
+        },
+        messages: {
+            default: "Do not write to the DOM directly using html(...).",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-html-method",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-html-method.js.map

package/dist/rules/no-html-method.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-html-method.js","sourceRoot":"","sources":["../../src/rules/no-html-method.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAEzD,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAC;IACnD,MAAM,CAAC,OAAO;QACV,OAAO;YACH,oFAAoF,CAChF,IAA+B;gBAE/B,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC;gBAE/B,IAAI,UAAU,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;oBACvC,OAAO;gBACX,CAAC;gBAED,MAAM,CAAC,aAAa,CAAC,GAAG,UAAU,CAAC,SAAS,CAAC;gBAE7C,IACI,aAAa,EAAE,IAAI,KAAK,SAAS;oBACjC,CAAC,aAAa,CAAC,KAAK,KAAK,EAAE,IAAI,aAAa,CAAC,KAAK,KAAK,IAAI,CAAC,EAC9D,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,SAAS,EAAE,SAAS;oBACpB,IAAI;iBACP,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,4FAA4F;YAChG,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,4EAA4E;SACpF;QACD,QAAQ,EAAE;YACN,OAAO,EAAE,mDAAmD;SAC/D;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,gBAAgB;CACzB,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-http-request-to-insecure-protocol.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-http-request-to-insecure-protocol.d.ts.map

package/dist/rules/no-http-request-to-insecure-protocol.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-http-request-to-insecure-protocol.d.ts","sourceRoot":"","sources":["../../src/rules/no-http-request-to-insecure-protocol.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAkEzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAoEtC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-http-request-to-insecure-protocol.js

@@ -0,0 +1,94 @@
+import { arrayFirst } from "ts-extras";
+import { createRule } from "../_internal/create-rule.js";
+const getMemberPropertyName = (memberExpression) => {
+    if (!memberExpression.computed &&
+        memberExpression.property.type === "Identifier") {
+        return memberExpression.property.name;
+    }
+    if (memberExpression.property.type === "Literal" &&
+        typeof memberExpression.property.value === "string") {
+        return memberExpression.property.value;
+    }
+    return undefined;
+};
+const getStaticStringValue = (node) => {
+    if (node.type === "Literal" && typeof node.value === "string") {
+        return node.value;
+    }
+    if (node.type === "TemplateLiteral" && node.expressions.length === 0) {
+        return arrayFirst(node.quasis)?.value.cooked ?? undefined;
+    }
+    return undefined;
+};
+const isInsecureHttpUrl = (value) => /^http:\/\//iu.test(value.trim());
+const isTargetRequestMethod = (node) => {
+    if (node.callee.type === "Identifier") {
+        return node.callee.name === "fetch";
+    }
+    if (node.callee.type !== "MemberExpression") {
+        return false;
+    }
+    const methodName = getMemberPropertyName(node.callee);
+    if (methodName !== "request" && methodName !== "get") {
+        return false;
+    }
+    if (node.callee.object.type !== "Identifier") {
+        return false;
+    }
+    return (node.callee.object.name === "http" ||
+        node.callee.object.name === "https");
+};
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        return {
+            CallExpression(node) {
+                if (!isTargetRequestMethod(node)) {
+                    return;
+                }
+                const [firstArgument] = node.arguments;
+                if (firstArgument === undefined ||
+                    firstArgument.type === "SpreadElement") {
+                    return;
+                }
+                const firstArgumentValue = getStaticStringValue(firstArgument);
+                if (typeof firstArgumentValue !== "string" ||
+                    !isInsecureHttpUrl(firstArgumentValue)) {
+                    return;
+                }
+                context.report({
+                    fix(fixer) {
+                        const sourceText = context.sourceCode.getText(firstArgument);
+                        const fixedSourceText = sourceText.replace(/^(?<quote>["'`]?)http:\/\//iu, "$<quote>https://");
+                        if (fixedSourceText === sourceText) {
+                            return null;
+                        }
+                        return fixer.replaceText(firstArgument, fixedSourceText);
+                    },
+                    messageId: "default",
+                    node: firstArgument,
+                });
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow Node HTTP client calls that use insecure http:// URLs.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-http-request-to-insecure-protocol",
+        },
+        fixable: "code",
+        messages: {
+            default: "Use HTTPS endpoints instead of insecure http:// URLs.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-http-request-to-insecure-protocol",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-http-request-to-insecure-protocol.js.map

package/dist/rules/no-http-request-to-insecure-protocol.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-http-request-to-insecure-protocol.js","sourceRoot":"","sources":["../../src/rules/no-http-request-to-insecure-protocol.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAEvC,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAIzD,MAAM,qBAAqB,GAAG,CAC1B,gBAA2C,EACzB,EAAE;IACpB,IACI,CAAC,gBAAgB,CAAC,QAAQ;QAC1B,gBAAgB,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EACjD,CAAC;QACC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC1C,CAAC;IAED,IACI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,KAAK,SAAS;QAC5C,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,KAAK,QAAQ,EACrD,CAAC;QACC,OAAO,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC;IAC3C,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAG,CACzB,IAAyB,EACP,EAAE;IACpB,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC5D,OAAO,IAAI,CAAC,KAAK,CAAC;IACtB,CAAC;IAED,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnE,OAAO,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,MAAM,IAAI,SAAS,CAAC;IAC9D,CAAC;IAED,OAAO,SAAS,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,KAAa,EAAW,EAAE,CACjD,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;AAEtC,MAAM,qBAAqB,GAAG,CAAC,IAA6B,EAAW,EAAE;IACrE,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QACpC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,OAAO,CAAC;IACxC,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;QAC1C,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,MAAM,UAAU,GAAG,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAEtD,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,KAAK,KAAK,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAC3C,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,OAAO,CACH,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;QAClC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,OAAO,CACtC,CAAC;AACN,CAAC,CAAC;AAEF,2BAA2B;AAC3B,MAAM,IAAI,GAAkC,UAAU,CAAwB;IAC1E,MAAM,CAAC,OAAO;QACV,OAAO;YACH,cAAc,CAAC,IAA6B;gBACxC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/B,OAAO;gBACX,CAAC;gBAED,MAAM,CAAC,aAAa,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;gBAEvC,IACI,aAAa,KAAK,SAAS;oBAC3B,aAAa,CAAC,IAAI,KAAK,eAAe,EACxC,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,MAAM,kBAAkB,GAAG,oBAAoB,CAAC,aAAa,CAAC,CAAC;gBAE/D,IACI,OAAO,kBAAkB,KAAK,QAAQ;oBACtC,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,EACxC,CAAC;oBACC,OAAO;gBACX,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACX,GAAG,CAAC,KAAK;wBACL,MAAM,UAAU,GACZ,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;wBAC9C,MAAM,eAAe,GAAG,UAAU,CAAC,OAAO,CACtC,8BAA8B,EAC9B,kBAAkB,CACrB,CAAC;wBAEF,IAAI,eAAe,KAAK,UAAU,EAAE,CAAC;4BACjC,OAAO,IAAI,CAAC;wBAChB,CAAC;wBAED,OAAO,KAAK,CAAC,WAAW,CACpB,aAAa,EACb,eAAe,CAClB,CAAC;oBACN,CAAC;oBACD,SAAS,EAAE,SAAS;oBACpB,IAAI,EAAE,aAAa;iBACtB,CAAC,CAAC;YACP,CAAC;SACJ,CAAC;IACN,CAAC;IACD,cAAc,EAAE,EAAE;IAClB,IAAI,EAAE;QACF,UAAU,EAAE,KAAK;QACjB,IAAI,EAAE;YACF,WAAW,EACP,iEAAiE;YACrE,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,KAAK;YAClB,GAAG,EAAE,kGAAkG;SAC1G;QACD,OAAO,EAAE,MAAM;QACf,QAAQ,EAAE;YACN,OAAO,EAAE,uDAAuD;SACnE;QACD,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,SAAS;KAClB;IACD,IAAI,EAAE,sCAAsC;CAC/C,CAAC,CAAC;AAEH,eAAe,IAAI,CAAC;AACpB,iIAAiI"}

package/dist/rules/no-iframe-srcdoc.d.ts

@@ -0,0 +1,5 @@
+import { createRule } from "../_internal/create-rule.js";
+/** Rule implementation. */
+declare const rule: ReturnType<typeof createRule>;
+export default rule;
+//# sourceMappingURL=no-iframe-srcdoc.d.ts.map

package/dist/rules/no-iframe-srcdoc.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-iframe-srcdoc.d.ts","sourceRoot":"","sources":["../../src/rules/no-iframe-srcdoc.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAqFzD,2BAA2B;AAC3B,QAAA,MAAM,IAAI,EAAE,UAAU,CAAC,OAAO,UAAU,CAgItC,CAAC;AAEH,eAAe,IAAI,CAAC"}

package/dist/rules/no-iframe-srcdoc.js

@@ -0,0 +1,144 @@
+import { getFullTypeChecker, getNodeTypeAsString, } from "../_internal/ast-utils.js";
+import { createRule } from "../_internal/create-rule.js";
+import { getMemberPropertyName, getStaticJsxAttributeStringValue, getStaticStringValue, } from "../_internal/estree-utils.js";
+const isJsxIframeElement = (node) => {
+    if (node.name.type !== "JSXIdentifier") {
+        return false;
+    }
+    return node.name.name.toLowerCase() === "iframe";
+};
+const getJsxAttributeName = (attributeNode) => {
+    if (attributeNode.name.type !== "JSXIdentifier") {
+        return undefined;
+    }
+    return attributeNode.name.name.toLowerCase();
+};
+const isCreateElementIFrameCall = (node) => {
+    if (node.type !== "CallExpression" ||
+        node.callee.type !== "MemberExpression") {
+        return false;
+    }
+    if (getMemberPropertyName(node.callee) !== "createElement") {
+        return false;
+    }
+    const [firstArgument] = node.arguments;
+    return (firstArgument !== undefined &&
+        firstArgument.type !== "SpreadElement" &&
+        getStaticStringValue(firstArgument) === "iframe");
+};
+const isLikelyIFrameElement = (node, context, fullTypeChecker) => {
+    if (fullTypeChecker !== undefined) {
+        const nodeType = getNodeTypeAsString(fullTypeChecker, node, context);
+        if (nodeType === "any" || nodeType.includes("HTMLIFrameElement")) {
+            return true;
+        }
+    }
+    if (isCreateElementIFrameCall(node)) {
+        return true;
+    }
+    if (node.type === "Identifier") {
+        const normalizedName = node.name.toLowerCase();
+        return normalizedName === "frame" || normalizedName.endsWith("iframe");
+    }
+    if (node.type !== "MemberExpression") {
+        return false;
+    }
+    const propertyName = getMemberPropertyName(node);
+    if (typeof propertyName !== "string") {
+        return false;
+    }
+    return propertyName.toLowerCase().endsWith("iframe");
+};
+/** Rule implementation. */
+const rule = createRule({
+    create(context) {
+        const fullTypeChecker = getFullTypeChecker(context);
+        return {
+            AssignmentExpression(node) {
+                if (node.left.type !== "MemberExpression") {
+                    return;
+                }
+                if (getMemberPropertyName(node.left) !== "srcdoc") {
+                    return;
+                }
+                if (getStaticStringValue(node.right) === "") {
+                    return;
+                }
+                if (!isLikelyIFrameElement(node.left.object, context, fullTypeChecker)) {
+                    return;
+                }
+                context.report({
+                    messageId: "default",
+                    node: node.right,
+                });
+            },
+            CallExpression(node) {
+                if (node.callee.type !== "MemberExpression") {
+                    return;
+                }
+                const methodName = getMemberPropertyName(node.callee);
+                if (methodName !== "setAttribute" &&
+                    methodName !== "setAttributeNS") {
+                    return;
+                }
+                const [firstArgument, secondArgument] = node.arguments;
+                if (firstArgument === undefined ||
+                    firstArgument.type === "SpreadElement" ||
+                    getStaticStringValue(firstArgument) !== "srcdoc") {
+                    return;
+                }
+                if (secondArgument === undefined ||
+                    secondArgument.type === "SpreadElement" ||
+                    getStaticStringValue(secondArgument) === "") {
+                    return;
+                }
+                if (!isLikelyIFrameElement(node.callee.object, context, fullTypeChecker)) {
+                    return;
+                }
+                context.report({
+                    messageId: "default",
+                    node: secondArgument,
+                });
+            },
+            JSXOpeningElement(node) {
+                if (!isJsxIframeElement(node)) {
+                    return;
+                }
+                for (const attributeNode of node.attributes) {
+                    if (attributeNode.type !== "JSXAttribute") {
+                        continue;
+                    }
+                    if (getJsxAttributeName(attributeNode) !== "srcdoc") {
+                        continue;
+                    }
+                    if (getStaticJsxAttributeStringValue(attributeNode.value) === "") {
+                        continue;
+                    }
+                    context.report({
+                        messageId: "default",
+                        node: attributeNode,
+                    });
+                }
+            },
+        };
+    },
+    defaultOptions: [],
+    meta: {
+        deprecated: false,
+        docs: {
+            description: "disallow iframe srcdoc assignments and JSX srcDoc attributes that embed inline HTML documents.",
+            frozen: false,
+            recommended: false,
+            url: "https://nick2bad4u.github.io/eslint-plugin-SDL-2/docs/rules/no-iframe-srcdoc",
+        },
+        messages: {
+            default: "Do not populate iframe srcdoc with inline HTML; load a reviewed document URL instead.",
+        },
+        schema: [],
+        type: "problem",
+    },
+    name: "no-iframe-srcdoc",
+});
+export default rule;
+/* eslint-enable @typescript-eslint/prefer-readonly-parameter-types -- Restore linting after rule implementation declarations. */
+//# sourceMappingURL=no-iframe-srcdoc.js.map