All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.sonar.l10n.web.rules.Web.JspScriptletCheck.html Maven / Gradle / Ivy

There is a newer version: 2.6.0.1053
Show newest version

JSP expressions (using <%= ... %> have been deprecated because they:

  • Are not unit testable.
  • Are not reusable.
  • Cannot make use of object oriented concepts such as inheritence.
  • Have poor error handling capabilities: if an exception is thrown, an empty page is rended.
  • Mix the business and presentation logic.

JSP Standard Tag Library (JSTL) and Expression Language should be used instead, enabiling the adoption of the model-view-controller (MVC) design pattern which reduces the coupling between the presentation tier and the business logic.

Noncompliant Code Example

<input type="text" name="foo" value="<%= request.getParameter("foo") %>" />

Compliant Solution

<input type="text" name="foo" value="${fn:escapeXml(param.foo)}" />




© 2015 - 2024 Weber Informatics LLC | Privacy Policy