no-script-url - ESLint - Pluggable JavaScript Linter (original) (raw)

Disallow javascript: URLs

Table of Contents

1. Rule Details
2. Compatibility
3. Version
4. Further Reading
5. Resources

Using javascript: URLs is considered by some as a form of eval. Code passed in javascript: URLs has to be parsed and evaluated by the browser in the same way that eval is processed.

Rule Details

Examples of incorrect code for this rule:

Open in Playground

/*eslint no-script-url: "error"*/

location.href = "javascript:void(0)";

location.href = `javascript:void(0)`;

Compatibility

• JSHint: This rule corresponds to scripturl rule of JSHint.

Version

This rule was introduced in ESLint v0.0.9.

Further Reading

Resources

• Rule source
• Tests source