• Home
• org.sonarsource.javascript
• javascript-checks
• 10.2.0.21568
• source code
• S1442.html

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.sonar.l10n.javascript.rules.javascript.S1442.html Maven / Gradle / Ivy

alert(...) as well as confirm(...) and prompt(...) can be useful for debugging during development, but in
production mode this kind of pop-up could expose sensitive information to attackers, and should never be displayed.
Noncompliant Code Example
if(unexpectedCondition) {
  alert("Unexpected Condition");
}

See

  
 OWASP Top 10 2017 Category A3 - Sensitive Data
  Exposure 
  
 MITRE, CWE-489 - Active Debug Code 

Deprecated
This rule is deprecated; use {rule:javascript:S4507} instead.