| | | 1 | | using System.Text.RegularExpressions; |
| | | 2 | | |
| | | 3 | | namespace AspxLint.Core.Rules; |
| | | 4 | | |
| | | 5 | | public sealed class Char001UnescapedAmpersand : IRule |
| | | 6 | | { |
| | 199 | 7 | | public string Id => "CHAR-001"; |
| | 26 | 8 | | public string Name => "& non echappe en dehors d'une entite"; |
| | 23 | 9 | | public Severity Severity => Severity.Warning; |
| | | 10 | | public string Description => |
| | 25 | 11 | | "Le caractere & doit etre encode en & sauf s'il commence une entite (<, &, {...). Sinon, validat |
| | 46 | 12 | | public bool HasFix => false; |
| | | 13 | | |
| | | 14 | | // & non suivi d'une entite valide (lookahead negatif). |
| | 5 | 15 | | private static readonly Regex DetectRegex = new( |
| | 5 | 16 | | @"&(?!(?:[a-zA-Z][a-zA-Z0-9]{1,8}|#\d+|#x[0-9a-fA-F]+);)", |
| | 5 | 17 | | RegexOptions.Compiled); |
| | | 18 | | |
| | 5 | 19 | | private static readonly Regex AspOnLine = new(@"<%[\s\S]*?%>", RegexOptions.Compiled); |
| | | 20 | | |
| | | 21 | | public IEnumerable<Issue> Detect(string content, string[] lines, RuleContext ctx) |
| | | 22 | | { |
| | | 23 | | for (int i = 0; i < lines.Length; i++) |
| | | 24 | | { |
| | | 25 | | var line = lines[i]; |
| | | 26 | | // Skip lignes contenant du code serveur — trop d'ambiguite (ex. && en C#). |
| | | 27 | | if (AspOnLine.IsMatch(line)) continue; |
| | | 28 | | |
| | | 29 | | foreach (Match m in DetectRegex.Matches(line)) |
| | | 30 | | { |
| | | 31 | | var from = Math.Max(0, m.Index - 5); |
| | | 32 | | var to = Math.Min(line.Length, m.Index + 10); |
| | | 33 | | yield return new Issue(Id, Name, Severity, |
| | | 34 | | i + 1, m.Index + 1, line[from..to], |
| | | 35 | | "Encoder ce \"&\" en \"&\" si dans du contenu HTML."); |
| | | 36 | | } |
| | | 37 | | } |
| | | 38 | | } |
| | | 39 | | |
| | 4 | 40 | | public string? Fix(string content, RuleContext ctx) => null; |
| | | 41 | | } |