Disallow an <a> tag with JavaScript protocol in href

BurpSuite is flagging some of our files as the JSPs include lines like:
<a href="javascript:;"… or <a href="javascript:void(0);"
This code is bad practice (inline JavaScript), bad for SEO and acessibility and generally should be dealt with either with a button or by having JavaScript in an external file.

Non-compliant code: <a href="javascript:;">...</a>
Compliant code: <button href="javascript:;">...</buttpn>

Reference: <a>: The Anchor element - HTML: HyperText Markup Language | MDN

Anchor elements are often abused as fake buttons by setting their href to # or javascript:void(0) to prevent the page from refreshing, then listening for their click events .

These bogus href values cause unexpected behavior when copying/dragging links, opening links in a new tab/window, bookmarking, or when JavaScript is loading, errors, or is disabled. They also convey incorrect semantics to assistive technologies, like screen readers.

Use a <button> instead. In general, you should only use a hyperlink for navigation to a real URL .