unsafe_html
Avoid unsafe HTML APIs.
This rule has been removed as of the latest Dart releases.
Details
#NOTE: This lint is deprecated and will be removed in a future release. Remove all inclusions of this lint from your analysis options.
AVOID
- assigning directly to the
href
field of an AnchorElement - assigning directly to the
src
field of an EmbedElement, IFrameElement, or ScriptElement - assigning directly to the
srcdoc
field of an IFrameElement - calling the
createFragment
method of Element - calling the
open
method of Window - calling the
setInnerHtml
method of Element - calling the
Element.html
constructor - calling the
DocumentFragment.html
constructor
BAD:
dart
var script = ScriptElement()..src = 'foo.js';
This rule has been removed.
Usage
#To enable the unsafe_html
rule, add unsafe_html
under linter > rules in your analysis_options.yaml
file:
analysis_options.yaml
yaml
linter:
rules:
- unsafe_html
Unless stated otherwise, the documentation on this site reflects Dart 3.6.0. Page last updated on 2024-07-03. View source or report an issue.