diff options
author | igerasim <unknown> | 2019-08-12 13:24:23 -0700 |
---|---|---|
committer | bell-sw <liberica@bell-sw.com> | 2019-10-23 16:23:16 +0300 |
commit | 8bc179f8100f05c462715ac4be4fbe326b9e4e05 (patch) | |
tree | fad044a5d900cd4b4289e42b9527e80ca6938fdb | |
parent | 4a01f383c53e25db389728d1a4a7abec1056decc (diff) | |
download | jdk8u_langtools-8bc179f8100f05c462715ac4be4fbe326b9e4e05.tar.gz |
8226765: Commentary on Javadoc comments
Reviewed-by: jjg, rhalade, skoivu
-rw-r--r-- | src/share/classes/com/sun/tools/javadoc/JavaScriptScanner.java | 36 | ||||
-rw-r--r-- | test/tools/javadoc/TestScriptInComment.java | 6 |
2 files changed, 10 insertions, 32 deletions
diff --git a/src/share/classes/com/sun/tools/javadoc/JavaScriptScanner.java b/src/share/classes/com/sun/tools/javadoc/JavaScriptScanner.java index 2ef0d7a2..fa94444b 100644 --- a/src/share/classes/com/sun/tools/javadoc/JavaScriptScanner.java +++ b/src/share/classes/com/sun/tools/javadoc/JavaScriptScanner.java @@ -68,12 +68,10 @@ public class JavaScriptScanner { private boolean newline = true; Map<String, TagParser> tagParsers; - Set<String> eventAttrs; Set<String> uriAttrs; public JavaScriptScanner() { initTagParsers(); - initEventAttrs(); initURIAttrs(); } @@ -100,7 +98,11 @@ public class JavaScriptScanner { private void checkHtmlAttr(String name, String value) { String n = name.toLowerCase(Locale.ENGLISH); - if (eventAttrs.contains(n) + // https://www.w3.org/TR/html52/fullindex.html#attributes-table + // See https://www.w3.org/TR/html52/webappapis.html#events-event-handlers + // An event handler has a name, which always starts with "on" and is followed by + // the name of the event for which it is intended. + if (n.startsWith("on") || uriAttrs.contains(n) && value != null && value.toLowerCase(Locale.ENGLISH).trim().startsWith("javascript:")) { reporter.report(); @@ -1060,34 +1062,6 @@ public class JavaScriptScanner { } - private void initEventAttrs() { - eventAttrs = new HashSet<>(Arrays.asList( - // See https://www.w3.org/TR/html-markup/global-attributes.html#common.attrs.event-handler - "onabort", "onblur", "oncanplay", "oncanplaythrough", - "onchange", "onclick", "oncontextmenu", "ondblclick", - "ondrag", "ondragend", "ondragenter", "ondragleave", - "ondragover", "ondragstart", "ondrop", "ondurationchange", - "onemptied", "onended", "onerror", "onfocus", "oninput", - "oninvalid", "onkeydown", "onkeypress", "onkeyup", - "onload", "onloadeddata", "onloadedmetadata", "onloadstart", - "onmousedown", "onmousemove", "onmouseout", "onmouseover", - "onmouseup", "onmousewheel", "onpause", "onplay", - "onplaying", "onprogress", "onratechange", "onreadystatechange", - "onreset", "onscroll", "onseeked", "onseeking", - "onselect", "onshow", "onstalled", "onsubmit", "onsuspend", - "ontimeupdate", "onvolumechange", "onwaiting", - - // See https://www.w3.org/TR/html4/sgml/dtd.html - // Most of the attributes that take a %Script are also defined as event handlers - // in HTML 5. The one exception is onunload. - // "onchange", "onclick", "ondblclick", "onfocus", - // "onkeydown", "onkeypress", "onkeyup", "onload", - // "onmousedown", "onmousemove", "onmouseout", "onmouseover", - // "onmouseup", "onreset", "onselect", "onsubmit", - "onunload" - )); - } - private void initURIAttrs() { uriAttrs = new HashSet<>(Arrays.asList( // See https://www.w3.org/TR/html4/sgml/dtd.html diff --git a/test/tools/javadoc/TestScriptInComment.java b/test/tools/javadoc/TestScriptInComment.java index bda3aca7..e16a5502 100644 --- a/test/tools/javadoc/TestScriptInComment.java +++ b/test/tools/javadoc/TestScriptInComment.java @@ -25,7 +25,7 @@ /** * @test - * @bug 8138725 + * @bug 8138725 8226765 * @summary test --allow-script-in-comments * @run main TestScriptInComment */ @@ -65,6 +65,10 @@ public class TestScriptInComment { WS("< script >#ALERT</script>", false, "-Xdoclint:none"), // script tag with invalid white space SA("<script src=\"file\"> #ALERT </script>", true), // script tag with an attribute ON("<a onclick='#ALERT'>x</a>", true), // event handler attribute + OME("<img alt='1' onmouseenter='#ALERT'>", true), // onmouseenter event handler attribute + OML("<img alt='1' onmouseleave='#ALERT'>", true), // onmouseleave event handler attribute + OFI("<a href='#' onfocusin='#ALERT'>x</a>", true), // onfocusin event handler attribute + OBE("<a onbogusevent='#ALERT'>x</a>", true), // bogus/future event handler attribute URI("<a href='javascript:#ALERT'>x</a>", true); // javadcript URI /** |