From c19146215d316f43dc113ffad2f4c508866cb514 Mon Sep 17 00:00:00 2001
From: Yavor Ivanov
Date: Tue, 9 Apr 2024 10:04:35 +0300
Subject: [PATCH] fix: Ignore case when checking script's type
---
 src/detectors/transpilers/html/parser.ts | 5 ++++-
 .../rules/CSPCompliance/NoInlineJS_negative.html | 10 +++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/src/detectors/transpilers/html/parser.ts b/src/detectors/transpilers/html/parser.ts
index cc72550b7..b63211bb2 100644
--- a/src/detectors/transpilers/html/parser.ts
+++ b/src/detectors/transpilers/html/parser.ts
@@ -60,7 +60,10 @@ export async function extractJSScriptTags(contentStream: ReadStream) {
 // https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script/type#attribute_is_not_set_default_an_empty_string_or_a_javascript_mime_type
 return attr.name.value !== "type" ||
 (attr.name.value === "type" &&
- (attr.value.value === "" || attr.value.value === "text/javascript"));
+ ["",
+ "text/javascript",
+ "application/javascript", /* legacy */
+ ].includes(attr.value.value.toLowerCase()));
 });
 if (isJSScriptTag) {
diff --git a/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html b/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html
index 0852f76ca..2433e0f52 100644
--- a/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html
+++ b/test/fixtures/linter/rules/CSPCompliance/NoInlineJS_negative.html
@@ -16,9 +16,17 @@ + + - + \ No newline at end of file
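Review bot: The new `.includes(attr.value.value.toLowerCase())` check in `extractJSScriptTags` lower-cases the `type` value but does not trim it, so a value padded with leading or trailing whitespace is classified as non-JavaScript even though browsers strip ASCII whitespace before matching and would still run the script. For a CSP-compliance rule that is a false negative; `].includes(attr.value.value.trim().toLowerCase()));` closes it. The allowlist is also narrower than what browsers execute: `module` and the remaining legacy JavaScript MIME types (for example `text/ecmascript` or `application/x-javascript`) are absent, so such inline scripts are presumably skipped too, which is worth confirming against the rule's intent. The enclosing callback starts and ends outside the hunk, so how the per-attribute result is combined into `isJSScriptTag` is not visible here.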