From 53f603bf3026a66b0e31abffb74da6921d1e9a34 Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Tue, 23 Jan 2018 17:13:49 +0100
Subject: [PATCH] lint: check description for forbidden HTML tags: iframe,
 link, script, etc.

---
 fdroidserver/lint.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fdroidserver/lint.py b/fdroidserver/lint.py
index a5ed3637..0f6252b0 100644
--- a/fdroidserver/lint.py
+++ b/fdroidserver/lint.py
@@ -164,6 +164,10 @@ regex_checks = {
          _("Unnecessary leading space")),
         (re.compile(r'.*\s$'),
          _("Unnecessary trailing space")),
+        (re.compile(r'.*<(iframe|link|script).*'),
+         _("Forbidden HTML tags")),
+        (re.compile(r'''.*\s+src=["']javascript:.*'''),
+         _("Javascript in HTML src attributes")),
     ],
 }