Disallow Script URLs (no-script-url)

Using javascript: urls is considered by some as a form of eval. Script passed after javascript: has to be parsed and evaluated by the browser the same way that it does eval.

Rule Details

The following patterns are considered warnings:

location.href = "javascript:void(0)";

Compatibility

Further Reading

Version

This rule was introduced in ESLint 0.0.9.

Resources