You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Marc Pompl (JIRA)" <ji...@codehaus.org> on 2014/01/03 09:00:48 UTC

[jira] (MRELEASE-861) Rule for JSP comments

Marc Pompl created MRELEASE-861:
-----------------------------------

             Summary: Rule for JSP comments
                 Key: MRELEASE-861
                 URL: https://jira.codehaus.org/browse/MRELEASE-861
             Project: Maven Release Plugin
          Issue Type: Wish
    Affects Versions: 2.1
            Reporter: Marc Pompl
            Priority: Minor


It would be really nice if there was a rule to enforce JSP style comments instead of HTML comments. JSP comments have the benefit of be stripped from the rendered HTML. For this, it increases security since developers leave regularly hints for attackers.

So, the rule has to find usages of i.e.
<!-- set this to X and the server crashes -->
and suggest the usage of
<%-- no my clue is hidden from any browser -->


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira