Closed or-else closed 5 years ago
https://github.com/braintree/sanitize-url/blob/a396c4c532ac17efd7ec96f1c48855f6e633afd8/index.js#L9
It's a bad practice to call something isAbc when in reality it does not check for Abc:
isAbc
Abc
var relativeFirstCharacters = ['.', '/'] function isRelativeUrl(url) { return relativeFirstCharacters.indexOf(url[0]) > -1; } isRelativeUrl('//malicious-host.example.com/powned.html'); --> true
click me!
The bad naming is not a bug per se but it's a bad practice. Someone may copy this method from your package thinking that the method ensures that the URL is relative.
Would you like to open a pull request?
No, not really. Thanks for offering though.
https://github.com/braintree/sanitize-url/blob/a396c4c532ac17efd7ec96f1c48855f6e633afd8/index.js#L9
It's a bad practice to call something
isAbc
when in reality it does not check forAbc
:click me!
The bad naming is not a bug per se but it's a bad practice. Someone may copy this method from your package thinking that the method ensures that the URL is relative.