This is the twenty third installment of explanation of PMD rules covering rules related to JSP and JSF
Basic JSF rules
Rules concerning basic JSF guidelines.
DontNestJsfInJstlIteration
Do not nest JSF component custom actions inside a custom action that iterates over its body.
Example
Basic JSP rules
Rules concerning basic JSP guidelines.
NoLongScripts
Scripts should be part of Tag Libraries, rather than part of JSP pages.
Example
NoScriptlets
Scriptlets should be factored into Tag Libraries or JSP declarations, rather than being part of JSP pages.
Example
String title = "Hello world!"; NoInlineStyleInformation
Style information should be put in CSS files, not in JSPs. Therefore, don't use or tags, or attributes like "align='center'".
Example
NoClassAttribute
Example
NoJspForward
Example
IframeMissingSrcAttribute
Example
bad example><BODY><o:p></o:p></span></p> <p class="MsoNormal"><span><iframe></iframe><o:p></o:p></span></p> <p class="MsoNormal"><span></BODY> </HTML><o:p></o:p></span></p> <p class="MsoNormal"><span><o:p> </o:p></span></p> <p class="MsoNormal"><span><HTML><title>good example><BODY><o:p></o:p></span></p> <p class="MsoNormal"><span><iframe src="foo"></iframe><o:p></o:p></span></p> <p class="MsoNormal"><span></BODY> </HTML><o:p></o:p></span></p> <h2><span>NoHtmlComments<o:p></o:p></span></h2> <p class="MsoNormal">In a production system, HTML comments increase the payload between the application server to the client, and serve little other purpose. Consider switching to JSP comments.</p> <h3><span>Example<o:p></o:p></span></h3> <p class="MsoNormal"><span><HTML><title>bad example><BODY><o:p></o:p></span></p> <p class="MsoNormal"><span><!-- HTML comment --><o:p></o:p></span></p> <p class="MsoNormal"><span></BODY> </HTML><o:p></o:p></span></p> <p class="MsoNormal"><span><o:p> </o:p></span></p> <p class="MsoNormal"><span><HTML><title>good example><BODY><o:p></o:p></span></p> <p class="MsoNormal"><span><%-- JSP comment --%><o:p></o:p></span></p> <p class="MsoNormal"><span></BODY> </HTML><o:p></o:p></span></p> <h2><span>DuplicateJspImports<o:p></o:p></span></h2> <p class="MsoNormal">Avoid duplicate import statements inside JSP's.</p> <h3><span>Example<o:p></o:p></span></h3> <p class="MsoNormal"><span><%@ page import=\"com.foo.MyClass,com.foo.MyClass\"%><o:p></o:p></span></p> <p class="MsoNormal"><span><html><body><b><img src=\"<%=Some.get()%>/foo\">xx</img>text</b></body></html><o:p></o:p></span></p> <h2><span>JspEncoding<o:p></o:p></span></h2> <p class="MsoNormal">A missing 'meta' tag or page directive will trigger this rule, as well as a non-UTF-8 charset.</p> <h3><span>Example<o:p></o:p></span></h3> <p class="MsoNormal"><span>Most browsers should be able to interpret the following headers:<o:p></o:p></span></p> <p class="MsoNormal"><span><span> </span><o:p></o:p></span></p> <p class="MsoNormal"><span><span> </span><%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" %><o:p></o:p></span></p> <p class="MsoNormal"><span><span> </span><o:p></o:p></span></p> <p class="MsoNormal"><span><span> </span><span> </span><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><o:p></o:p></span></p><p></p></DIV>
Basic JSF rules
Rules concerning basic JSF guidelines.DontNestJsfInJstlIteration
Do not nest JSF component custom actions inside a custom action that iterates over its body.Example
Basic JSP rules
Rules concerning basic JSP guidelines.NoLongScripts
Scripts should be part of Tag Libraries, rather than part of JSP pages.Example
NoScriptlets
Scriptlets should be factored into Tag Libraries or JSP declarations, rather than being part of JSP pages.Example
<%
response.setHeader("Pragma", "No-cache");
%>
NoInlineStyleInformation
Style information should be put in CSS files, not in JSPs. Therefore, don't use or tags, or attributes like "align='center'".Example
text
NoClassAttribute
Do not use an attribute called 'class'. Use "styleclass" for CSS styles.
Example
Some text
NoJspForward
Do not do a forward from within a JSP file.
Example
IframeMissingSrcAttribute
IFrames which are missing a src element can cause security information popups in IE if you are accessing the page through SSL. See http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q261188
No comments:
Post a Comment