Anypoint Best Practices

(6 reviews)

no-eval-in-markdown

general > no-eval-in-markdown

Guidance

This rule protects against cross-site scripting (XSS) attacks that could happen when you add description
documents from third parties and use the parsed content rendered in HTML/JS. If one of those third parties
does something like inject `eval()` JavaScript statements, it could lead to an XSS attack.

Applies to WebAPI

Constraint

Type: Declarative Validation

Reviews

Asset overview
Type	Ruleset
Organization	MuleSoft
Published by	MuleSoft Organization
Published on	Oct 11, 2022

Asset versions for 1.0.x

Asset versions
Version	Actions
1.0.3
1.0.2
1.0.1
1.0.0