disallow use of v-html to prevent XSS attack
- ⚙️ This rule is included in
📖 Rule Details
This rule reports all uses of
v-html directive in order to reduce the risk of injecting potentially unsafe / unescaped html into the browser leading to Cross-Site Scripting (XSS) attacks.
🔇 When Not To Use It
If you are certain the content passed to
v-html is sanitized HTML you can disable this rule.
📚 Further Reading
This rule was introduced in eslint-plugin-vue v4.7.0