sveltejs · Conduitry · Apr 28, 2020 · Apr 27, 2020 · Apr 27, 2020 · Apr 28, 2020
diff --git a/src/compiler/compile/nodes/Element.ts b/src/compiler/compile/nodes/Element.ts
@@ -428,7 +428,7 @@ export default class Element extends Node {
 			if (attribute) {
 				const value = attribute.get_static_value();
 
-				if (value === '' || value === '#') {
+				if (value === '' || value === '#' || /^\W*javascript:/.test(value)) {
 					component.warn(attribute, {
 						code: `a11y-invalid-attribute`,
 						message: `A11y: '${value}' is not a valid ${attribute.name} attribute`

diff --git a/test/validator/samples/a11y-anchor-is-valid/input.svelte b/test/validator/samples/a11y-anchor-is-valid/input.svelte
@@ -1,3 +1,4 @@
 <a>not actually a link</a>
 <a href=''>invalid</a>
-<a href='#'>invalid</a>
+<a href='#'>invalid</a>
+<a href="javascript:void(0)">invalid</a>
diff --git a/test/validator/samples/a11y-anchor-is-valid/warnings.json b/test/validator/samples/a11y-anchor-is-valid/warnings.json
@@ -43,5 +43,20 @@
 			"character": 61
 		},
 		"pos": 53
+	},
+	{
+		"code": "a11y-invalid-attribute",
+		"message": "A11y: 'javascript:void(0)' is not a valid href attribute",
+		"start": {
+			"line": 4,
+			"column": 3,
+			"character": 77
+		},
+		"end": {
+			"line": 4,
+			"column": 28,
+			"character": 102
+		},
+		"pos": 77
 	}
 ]