How to use the @hint/utils-network.isHTTPS function in @hint/utils-network
To help you get started, we’ve selected a few @hint/utils-network examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
webhintio / hint / packages / hint-no-protocol-relative-urls / src / hint.ts View on Github 
}
/*
* We need to use getAttribute to get the exact value.
* If we access the src or href properties directly the
* browser already adds http(s):// so we cannot verify.
*/
const url: string = (element.getAttribute('src') || element.getAttribute('href') || '').trim();
if (url.startsWith('//')) {
debug('Protocol relative URL found');
const message = getMessage('noProtocolRelativeUrl', context.language, url);
const severity = isHTTPS(resource) ?
Severity.hint :
Severity.warning;
context.report(
resource,
message,
{
content: url,
element,
severity
});
}
};const validateTarget = (fetchEvent: FetchEnd) => {
const { resource } = fetchEvent;
if (!isHTTPS(resource)) {
debug('HTTPS no detected');
context.report(
resource,
getMessage('siteShouldBeHTTPS', context.language),
{ severity: Severity.error }
);
return;
}
debug('HTTPS detected');
this.targetIsServedOverHTTPS = true;
};const validatePrefixes = (parsedSetCookie: ParsedSetCookieHeader): ValidationMessages => {
const cookieName = parsedSetCookie.name;
const resource = parsedSetCookie.resource || '';
const errors: ValidationMessages = [];
const hasPrefixHttpError = getMessage('hasPrefixHttp', context.language, headerName);
const noPathHasHostPrefixError = getMessage('noPathHasHostPrefix', context.language, headerName);
const hasDomainHostPrefixError = getMessage('hasDomainHostPrefix', context.language, headerName);
if ((cookieName.startsWith('__secure-') || cookieName.startsWith('__host-')) && !isHTTPS(resource)) {
errors.push({ message: hasPrefixHttpError, severity: Severity.error });
}
if (cookieName.startsWith('__host-')) {
if (!parsedSetCookie.path || parsedSetCookie.path !== '/') {
errors.push({ message: noPathHasHostPrefixError, severity: Severity.error });
}
if (parsedSetCookie.domain) {
errors.push({ message: hasDomainHostPrefixError, severity: Severity.error });
}
}
return errors;
};const updateDomainsInfo = (resource: string) => {
const resourceUrl = new URL(resource);
uniqueDomains.add(resourceUrl.hostname);
if (isHTTPS(resource)) {
secureDomains.add(resourceUrl.hostname);
}
};const headerValue: string = normalizeString(response.headers && response.headers['strict-transport-security']);
if (!isHTTPS(resource) && headerValue) {
const message = getMessage('noOverHTTP', context.language);
context.report(resource, message, {
codeLanguage: 'http',
codeSnippet: `Strict-Transport-Security: ${headerValue}`,
element,
severity: Severity.warning
});
return;
}
if (!isHTTPS(resource) && !headerValue) {
const urlObject = new URL(resource);
if (unsupportedDomains.has(urlObject.host)) {
debug(`${resource} ignored because the domain ${urlObject.host} does not support HTTPS.`);
return;
}
const httpsResource = url.format({ ...urlObject, protocol: `https` });
try {
const networkData: NetworkData = await context.fetchContent(httpsResource);
if (!networkData || !networkData.response) {
return;
}const validate = async ({ element, resource, response }: FetchEnd) => {
if (!isRegularProtocol(resource)) {
debug(`Check does not apply for non HTTP(s) URIs`);
return;
}
const headerValue: string = normalizeString(response.headers && response.headers['strict-transport-security']);
if (!isHTTPS(resource) && headerValue) {
const message = getMessage('noOverHTTP', context.language);
context.report(resource, message, {
codeLanguage: 'http',
codeSnippet: `Strict-Transport-Security: ${headerValue}`,
element,
severity: Severity.warning
});
return;
}
if (!isHTTPS(resource) && !headerValue) {
const urlObject = new URL(resource);
if (unsupportedDomains.has(urlObject.host)) {
Popular @hint/utils-network functions
- @hint/utils-network.asPathString
- @hint/utils-network.getAsUri
- @hint/utils-network.getAsUris
- @hint/utils-network.includedHeaders
- @hint/utils-network.isDataURI
- @hint/utils-network.isHTMLDocument
- @hint/utils-network.isHTTP
- @hint/utils-network.isHTTPS
- @hint/utils-network.isLocalFile
- @hint/utils-network.isRegularProtocol
- @hint/utils-network.normalizeHeaderValue
- @hint/utils-network.requestAsync