Why you should care
CDATA stands for character Data and is an XML construct. It lies in between these strings which include data that could mistakenly be interpreted as XML markup. It has no meaning in HTML as it is ignored by the parser. However, it is not ignored by Javascript making CDATA markers useful around the text of inline and elements of XHTML documents.
Business Impacts
CDATA can be read by JSP scripts but it cannot be read by HTML which can make it a Production risk if used improperly. However it improves productivity when utilized correctly.
CAST Recommendations
References
https://docs.oracle.com/cd/E19159-01/819-3669/bnalq/index.html
How we detect
This code insight shows that, for JSP documents (using XML syntax), a CDATA element should be used only when necessary to ensure your code does not break the document structure. This occurs when writing Java code inside declarations, scriptlets, and expressions.
About CAST and Highlight’s Code Insights
Over the last 25 years, CAST has leveraged unique knowledge on software quality measurement by analyzing thousands of applications and billions of lines of code. Based on this experience and community standards on programming best practices, Highlight implements hundreds of code insights across 15+ technologies to calculate health factors of a software.