unsafe_html

Contents

Avoid unsafe HTML APIs.

This rule has been removed as of the latest Dart releases.

NOTE: This lint is deprecated and will be removed in a future release. Remove all inclusions of this lint from your analysis options.

AVOID

assigning directly to the href field of an AnchorElement
assigning directly to the src field of an EmbedElement, IFrameElement, or ScriptElement
assigning directly to the srcdoc field of an IFrameElement
calling the createFragment method of Element
calling the open method of Window
calling the setInnerHtml method of Element
calling the Element.html constructor
calling the DocumentFragment.html constructor

BAD:

dart

var script = ScriptElement()..src = 'foo.js';

This rule has been removed.

To enable the unsafe_html rule, add unsafe_html under linter > rules in your analysis_options.yaml file:

analysis_options.yaml
yamllinter:
  rules:
    - unsafe_html

Unless stated otherwise, the documentation on this site reflects Dart 3.5.4. Page last updated on 2024-07-03. View source or report an issue.

Details