Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
6 contributors

Users who have contributed to this file

@jeddy3 @ZacharyRSmith @CAYdenberg @evilebottnawi @davidtheclark @BenjaminWFox
67 lines (46 sloc) 1.47 KB

function-url-scheme-whitelist

Specify a whitelist of allowed URL schemes.

a { background-image: url('http://www.example.com/file.jpg'); }
/**                        ↑
 *           This URL scheme */

A URL scheme consists of alphanumeric, +, -, and . characters. It can appear at the start of a URL and is followed by :.

This rule ignores:

  • URL arguments without an existing URL scheme
  • URL arguments with variables or variable interpolation ($sass, @less, --custom-property, #{$var}, @{var}, $(var))

Options

array|string|regex: ["array", "of", /schemes/ or "/regex/"]|"scheme"|/regex/

Given:

["data", "/^http/"]

The following patterns are considered violations:

a { background-image: url('file://file.jpg'); }

The following patterns are not considered violations:

a { background-image: url('example.com/file.jpg'); }
a { background-image: url('/example.com/file.jpg'); }
a { background-image: url('//example.com/file.jpg'); }
a { background-image: url('./path/to/file.jpg'); }
a { background-image: url('http://www.example.com/file.jpg'); }
a { background-image: url('https://www.example.com/file.jpg'); }
a { background-image: url('HTTPS://www.example.com/file.jpg'); }
a { background-image: url('data:image/gif;base64,R0lGODlhAQABAIAAAAUEBAAAACwAAAAAAQABAAACAkQBADs='); }
You can’t perform that action at this time.