package org.sonar.plugins.html.checks.security;

import org.sonar.check.Rule;
import org.sonar.plugins.html.checks.AbstractPageCheck;
import org.sonar.plugins.html.node.Attribute;
import org.sonar.plugins.html.node.TagNode;

@Rule(key = "S5725")
/* loaded from: input_file:org/sonar/plugins/html/checks/security/ResourceIntegrityCheck.class */
public class ResourceIntegrityCheck extends AbstractPageCheck {
    @Override // org.sonar.plugins.html.visitor.DefaultNodeVisitor
    public void startElement(TagNode tagNode) {
        Attribute property;
        if (!tagNode.equalsElementName("script") || (property = tagNode.getProperty("src")) == null || !isExternal(property.getValue()) || tagNode.hasProperty("integrity")) {
            return;
        }
        createViolation(tagNode, "Make sure not using resource integrity feature is safe here.");
    }

    private static boolean isExternal(String str) {
        return str.startsWith("http") || str.startsWith("//");
    }
}
