How to replace the `vue:href` method

:href="" is scanned by sonarqube, showing Take care when using the v-bind:href directive to set URLs which can contain malicious Javascript (javascript:onClick(…)).
Brothers and sisters, is there any way to replace :href?

<el-table-column prop="link" width="70">
   <template slot-scope="{row}">
      <a :href="" rel="opener" target="_blank" class="fast">{{}}</a>

>Solution :

Looking at the sonarqube report, your code href address may be a piece of executable code, which can be changed to a p tag, and then bind the click event to the p tag to achieve the purpose through;

In addition, the address of the general dynamic a link still needs to be processed, otherwise there is a risk of script injection.

A js library is recommended:

Leave a Reply