Skip to content
Critiq Docs

Search docs

Search documentation pages and rules

security.ux

Avoid blocking dialog APIs

Do not call `alert`, `confirm`, or `prompt` in application code.

#Metadata

Rule ID
ts.security.no-alert-confirm-prompt
Severity
medium
Confidence
0.93
Languages
javascript, typescript
Presets
recommended, security, strict
Stability
stable
Applies to
block
Tags
rules-catalog, security, ux

#Why it matters

Blocking dialogs freeze the UI thread, are easy to abuse for social engineering, and are inappropriate for production UX.

#Remediation

Replace blocking dialogs with in-app UI components or structured notifications.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/typescript/ts.security.no-alert-confirm-prompt.rule.yaml.

Back to directoryOpen rule in repository