Security |
Checks if JavaScript poses security issues.
Index
| Rule | Description | Type | Severity |
|---|---|---|---|
| SPC028901: Use of eval can compromise site security | Use of eval, and eval type functions causes severe security cross site scripting attack loopholes, on the site | JavaScriptFile | Error |
| SPC028902: Use of implied eval can compromise site security | Use of implied eval, and eval type functions causes severe security cross site scripting attack loopholes, on the site | JavaScriptFile | Error |
| SPC028903: Disallow use of script URLs | This causes the browser to eval the code target, opening up a point for a cross site scripting attack | JavaScriptFile | Error |
| SPC028904: Consider to disallow use of Comma Operator | The comma operator used in sequences can cause confusion what the code should actually return | JavaScriptFile | Warning |
| SPC028905: Don't use JavaScript libraries with known vulnerabilities | JavaScript libraries with known vulnerabilities expose your solution to exploits and you shouldn't use them until the vulnerability has been fixed. | JavaScriptFile | CriticalError |
Disclaimer: The views and opinions expressed in this documentation and in SPCAF do not necessarily reflect the opinions and recommendations of Microsoft or any member of Microsoft. SPCAF and RENCORE are registered trademarks of Rencore. All other trademarks, service marks, collective marks, copyrights, registered names, and marks used or cited by this documentation are the property of their respective owners.