This commit is contained in:
Andras Schmelczer 2026-05-26 08:28:37 +01:00
parent 2c37e7fa62
commit 31648541a2
39 changed files with 1273 additions and 252 deletions


@ -36,9 +36,8 @@ if (jsFiles.length > 0) {
}
// Script tags are only allowed if they declare one of these safe `type`
// attributes (or are tagged with `data-theme-script`). All other scripts —
// including untyped ones, which default to executable JavaScript — are
// flagged.
// attributes (or are tagged with `data-theme-script`). All other scripts,
// including untyped ones, which default to executable JavaScript, are flagged.
const SAFE_SCRIPT_TYPES = new Set([
'application/ld+json',
'importmap',
@ -47,6 +46,7 @@ const SAFE_SCRIPT_TYPES = new Set([
function isSafeScriptTag(tag) {
if (tag.includes('data-theme-script')) return true;
if (tag.includes('data-thumbnail-iframe-script')) return true;
const typeMatch = tag.match(/\btype=["']([^"']+)["']/i);
if (!typeMatch) return false;
return SAFE_SCRIPT_TYPES.has(typeMatch[1].trim().toLowerCase());