lint: check description for forbidden HTML tags: iframe, link, script, etc.

[fdroidserver.git] / fdroidserver / lint.py

diff --git a/fdroidserver/lint.py b/fdroidserver/lint.py
index a5ed3637dcf35981463a689390a0612fa72bdb51..0f6252b02a1aae9aabe2fbcace59e95903418f61 100644 (file)
--- a/fdroidserver/lint.py
+++ b/fdroidserver/lint.py
@@ -164,6 +164,10 @@ regex_checks = {
          _("Unnecessary leading space")),
         (re.compile(r'.*\s$'),
          _("Unnecessary trailing space")),
+        (re.compile(r'.*<(iframe|link|script).*'),
+         _("Forbidden HTML tags")),
+        (re.compile(r'''.*\s+src=["']javascript:.*'''),
+         _("Javascript in HTML src attributes")),
     ],
 }