html.correctness.https-equiv.https-equiv
semgrep
Author
unknown
Download Count*
License
The correct attribute name for this meta tag is http-equiv
, not https-equiv
.
Run Locally
Run in CI
Defintion
rules:
- id: https-equiv
metadata:
category: correctness
technology:
- html
references:
- https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta#http-equiv
license: Commons Clause License Condition v1.0[LGPL-2.1-only]
message: The correct attribute name for this meta tag is `http-equiv`, not
`https-equiv`.
severity: ERROR
languages:
- html
pattern-either:
- pattern: <meta ... https-equiv=...>
fix-regex:
regex: https-equiv=
replacement: http-equiv=
Examples
https-equiv.html
<!DOCTYPE html>
<html lang="en-us">
<head>
<meta charset="utf-8" />
<!-- ok: https-equiv -->
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<!-- ruleid: https-equiv -->
<meta https-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<!-- ruleid: https-equiv -->
<meta https-equiv="X-UA-Compatible" content="no closing tag">
<!-- ruleid: https-equiv -->
<meta https-equiv='X-UA-Compatible' content='single brackets'>
<!-- ruleid: https-equiv -->
<meta https-equiv=X-UA-Compatible content=nobrackets>
<!-- ruleid: https-equiv -->
<meta content="backwards" https-equiv="X-UA-Compatible">
<!-- ok: https-equiv -->
<meta rel="stylesheet" href="https-equiv" />
<title>https-equiv test</title>
</head>
</html>
Short Link: https://sg.run/X5RdA