Plugin: react-featuresRules

jsx-no-script-url

Prevent javascript: URLs in JSX. This rule is part of eslint-plugin-react-features and provides LLM-optimized error messages.

Keywords: React, JSX, javascript URL, XSS, security, ESLint rule, LLM-optimized

Prevent javascript: URLs in JSX. This rule is part of eslint-plugin-react-features and provides LLM-optimized error messages.

Quick Summary

Aspect	Details
Severity	Error (security)
Auto-Fix	❌ No auto-fix
Category	React Security
ESLint MCP	✅ Optimized for ESLint MCP integration
Best For	All React/JSX projects

Using javascript: URLs is a security risk and can lead to XSS vulnerabilities.

<a href="javascript:void(0)">Click</a>

<a href="javascript:alert('XSS')">Click</a>

<a href="#" onClick={handleClick}>Click</a>

<button onClick={handleClick}>Click</button>

jsx-no-literals

jsx-no-literals rule

jsx-no-target-blank

Require rel='noopener noreferrer' with target='_blank'. This rule is part of eslint-plugin-react-features and provides LLM-optimized error messages.