Index of all built-in rules available for Java Server Pages
Table of Contents
Best Practices
Rules which enforce generally accepted best practices.
- DontNestJsfInJstlIteration: Do not nest JSF component custom actions inside a custom action that iterates over its body.
- NoClassAttribute: Do not use an attribute called βclassβ. Use "styleclass" for CSS styles.
- NoHtmlComments: In a production system, HTML comments increase the payload between the application server to the β¦
- NoJspForward: Do not do a forward from within a JSP file.
Code Style
Rules which enforce a specific coding style.
- DuplicateJspImports: Avoid duplicate import statements inside JSPβs.
Design
Rules that help you discover design issues.
- NoInlineScript: Avoid inlining HTML script content. Consider externalizing the HTML script using the βsrcβ attriβ¦
- NoInlineStyleInformation: Style information should be put in CSS files, not in JSPs. Therefore, donβt use <B> or <FONT> tagβ¦
- NoLongScripts: Scripts should be part of Tag Libraries, rather than part of JSP pages.
- NoScriptlets: Scriptlets should be factored into Tag Libraries or JSP declarations, rather than being part of Jβ¦
Error Prone
Rules to detect constructs that are either broken, extremely confusing or prone to runtime errors.
- JspEncoding: A missing βmetaβ tag or page directive will trigger this rule, as well as a non-UTF-8 charset.
Security
Rules that flag potential security flaws.
- IframeMissingSrcAttribute: IFrames which are missing a src element can cause security information popups in IE if you are acβ¦
- NoUnsanitizedJSPExpression: Avoid using expressions without escaping / sanitizing. This could lead to cross site scripting - β¦