text_direction_code_point_in_literal

The Unicode code point 'U+{0}' changes the appearance of text from how it's interpreted by the compiler.

The analyzer produces this diagnostic when it encounters source that contains text direction Unicode code points. These code points cause source code in either a string literal or a comment to be interpreted and compiled differently than how it appears in editors, leading to possible security vulnerabilities.

The following code produces this diagnostic twice because there are hidden characters at the start and end of the label string:

var label = 'Interactive text';

If the code points are intended to be included in the string literal, then escape them:

var label = '\u202AInteractive text\u202C';

If the code points aren't intended to be included in the string literal, then remove them:

var label = 'Interactive text';

Unless stated otherwise, the documentation on this site reflects Dart 3.7.3. Page last updated on 2025-05-08. View source or report an issue.