[pve-eslint.git] / eslint / docs / src / rules / no-script-url.md

---
title: no-script-url
rule_type: suggestion
further_reading:
- https://stackoverflow.com/questions/13497971/what-is-the-matter-with-script-targeted-urls
---


Using `javascript:` URLs is considered by some as a form of `eval`. Code passed in `javascript:` URLs has to be parsed and evaluated by the browser in the same way that `eval` is processed.

## Rule Details

Examples of **incorrect** code for this rule:

::: incorrect

```js
/*eslint no-script-url: "error"*/

location.href = "javascript:void(0)";

location.href = `javascript:void(0)`;
```

:::

## Compatibility

* **JSHint**: This rule corresponds to `scripturl` rule of JSHint.
Commit	Line	Data
8f9d1d4d DC	1	---
8f9d1d4d DC	2	title: no-script-url
8f9d1d4d DC	3	rule_type: suggestion
	4	further_reading:
	5	- https://stackoverflow.com/questions/13497971/what-is-the-matter-with-script-targeted-urls
	6	---
	7
eb39fafa DC	8
	9	Using `javascript:` URLs is considered by some as a form of `eval`. Code passed in `javascript:` URLs has to be parsed and evaluated by the browser in the same way that `eval` is processed.
	10
	11	## Rule Details
	12
	13	Examples of incorrect code for this rule:
	14
8f9d1d4d DC	15	::: incorrect
8f9d1d4d DC	16
eb39fafa DC	17	```js
	18	/eslint no-script-url: "error"/
	19
	20	location.href = "javascript:void(0)";
6f036462 TL	21
6f036462 TL	22	location.href = `javascript:void(0)`;
eb39fafa DC	23	```
eb39fafa DC	24
8f9d1d4d DC	25	:::
8f9d1d4d DC	26
eb39fafa DC	27	## Compatibility
	28
	29	* JSHint: This rule corresponds to `scripturl` rule of JSHint.