AFDocs fixes: avoid redirect-behavior false positive in anchor copy handler#130
AFDocs fixes: avoid redirect-behavior false positive in anchor copy handler#130rachaelrenk wants to merge 2 commits into
Conversation
…andler Replace `window.location.href = href` with `window.location.hash = url.hash` in the heading anchor click handler. The old pattern triggered the afdocs `redirect-behavior` check, which heuristically scans the first 10 KB of HTML for `location.href =` assignments and classifies any match as a JavaScript redirect. Since anchor links are always fragment-only, `location.hash` is functionally equivalent and avoids the false positive. Co-Authored-By: Oz <oz-agent@warp.dev>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
I'm starting a first review of this pull request. You can view the conversation on Warp. I completed the review and no human review was requested for this pull request. Comment Powered by Oz |
![oz-for-oss[bot]](https://avatars.githubusercontent.com/in/3450139?s=60&v=4){kind=small}
There was a problem hiding this comment.
Overview
This PR changes the heading anchor copy fallback in src/components/CustomHead.astro from location.href navigation to location.hash so AFDocs no longer detects a page-level redirect.
Concerns
- The new explanatory comment still contains the exact
location.href =pattern that the AFDocs heuristic is trying to avoid, so the check can continue failing even though the executable assignment changed.
Verdict
Found: 0 critical, 1 important, 0 suggestions
Request changes
Comment /oz-review on this pull request to retrigger a review (up to 3 times on the same pull request).
Powered by Oz
| // Navigate to the anchor fragment. Avoids `window.location.href = …` | ||
| // which the afdocs redirect-behavior check misclassifies as a JS | ||
| // redirect (it heuristically scans for location.href assignments in | ||
| // the first 10 KB of HTML). | ||
| window.location.hash = url.hash; |
There was a problem hiding this comment.
location.href = pattern the AFDocs checker scans for, so the redirect-behavior false positive can remain.
| // Navigate to the anchor fragment. Avoids `window.location.href = …` | |
| // which the afdocs redirect-behavior check misclassifies as a JS | |
| // redirect (it heuristically scans for location.href assignments in | |
| // the first 10 KB of HTML). | |
| window.location.hash = url.hash; | |
| // Navigate to the anchor fragment without using href-based | |
| // navigation, which the afdocs redirect-behavior check | |
| // misclassifies as a JS redirect when scanned in inline scripts. | |
| window.location.hash = url.hash; |
1 participant
AFDocs fixes: avoid redirect-behavior false positive
Context
The AFDocs scorecard
redirect-behaviorcheck was failing on all 50 sampled pages (score: 88/100, B+). Investigation showed the check heuristically scans the first 10 KB of HTML forlocation.href =assignments and was matching the anchor link copy handler inCustomHead.astro:This is an interactive click handler for heading anchor links, not a page-level redirect. The afdocs checker strips
<pre>and<code>blocks but not<script>tags, so it misclassifies the pattern.Fix
Replace
window.location.href = hrefwithwindow.location.hash = url.hash. Since Starlight anchor links are always fragment-only (#heading-name),location.hashis functionally equivalent and doesn't trigger the afdocs heuristic.Audit summary (pre-fix)
redirect-behavior(50 JS redirects — fixed in this PR)content-negotiation(Vercel static hosting limitation),markdown-content-parity(Turndown escaping false positive)Expected score after deploy
With this fix,
redirect-behaviorshould pass, bringing the score to ~92/100 (A-).Co-Authored-By: Oz oz-agent@warp.dev
Conversation: https://app.warp.dev/conversation/4e82341d-3b5d-490e-b71a-e3bc0db0b19c
Run: https://oz.warp.dev/runs/019e4eb2-d517-7ca7-a89b-985003d82496
This PR was generated with Oz.