axios · emilyemorehouse · Jan 20, 2020 · Jan 20, 2020 · Jan 20, 2020
diff --git a/lib/helpers/isURLSameOrigin.js b/lib/helpers/isURLSameOrigin.js
@@ -1,7 +1,6 @@
 'use strict';
 
 var utils = require('./../utils');
-var isValidXss = require('./isValidXss');
 
 module.exports = (
   utils.isStandardBrowserEnv() ?
@@ -22,10 +21,6 @@ module.exports = (
       function resolveURL(url) {
         var href = url;
 
-        if (isValidXss(url)) {
-          throw new Error('URL contains XSS injection attempt');
-        }
-
         if (msie) {
         // IE needs attribute set twice to normalize properties
           urlParsingNode.setAttribute('href', href);

diff --git a/lib/helpers/isValidXss.js b/lib/helpers/isValidXss.js
diff --git a/test/specs/helpers/isURLSameOrigin.spec.js b/test/specs/helpers/isURLSameOrigin.spec.js
@@ -8,10 +8,4 @@ describe('helpers::isURLSameOrigin', function () {
   it('should detect different origin', function () {
     expect(isURLSameOrigin('https://github.com/axios/axios')).toEqual(false);
   });
-
-  it('should detect XSS scripts on a same origin request', function () {
-    expect(function() {
-      isURLSameOrigin('https://github.com/axios/axios?<script>alert("hello")</script>');
-    }).toThrowError(Error, 'URL contains XSS injection attempt')
-  });  
 });
diff --git a/test/specs/helpers/isValidXss.spec.js b/test/specs/helpers/isValidXss.spec.js