TRIAL REQUEST A DEMO LOGIN

Javascript - Avoid use of alert function

Impact area

Scalability

Severity

Low

Affected element

Catalog Client Script

Client Script

Widget

Widget Angular Provider

UI Script

Rule number

SN-0114

Impact

The alert function can be useful for debugging during development, but in production mode this kind of pop-up could expose sensitive information to attackers, and should never be displayed.

Remediation

Remove all alert function calls from your code.

Time to fix

5 min

Code examples

Noncompliant code

if(unexpectedCondition) {
alert("Unexpected Condition Is Happening");
}

Compliant code

if(unexpectedCondition) {
console.log("Unexpected Condition Is Happening");
}

What's here


Related content

JavaScript rules

JavaScript best practices

CWE-489: Active Debug Code




Last modified on Mar 19, 2021
Copyright © QualityClouds 2021