CDATA is an XML construct which can only be read by JSP

28 July 2017
Posted by Michael MULLER
Code Insights, Programming Best Practices, Risk, Software Resiliency
Software ResiliencyProgramming Best Practices

Why you should care

CDATA stands for character Data and is an XML construct. It lies in between these strings which include data that could mistakenly be interpreted as XML markup. It has no meaning in HTML as it is ignored by the parser. However, it is not ignored by Javascript making CDATA markers useful around the text of inline and elements of XHTML documents.

Business Impacts

CDATA can be read by JSP scripts but it cannot be read by HTML which can make it a Production risk if used improperly. However it improves productivity when utilized correctly.

Production Risk
5362

CAST Recommendations

References

https://docs.oracle.com/cd/E19159-01/819-3669/bnalq/index.html

Style Guide

How we detect

This code insight shows that, for JSP documents (using XML syntax), a CDATA element should be used only when necessary to ensure your code does not break the document structure. This occurs when writing Java code inside declarations, scriptlets, and expressions.

5362

About CAST and Highlight’s Code Insights

Over the last 25 years, CAST has leveraged unique knowledge on software quality measurement by analyzing thousands of applications and billions of lines of code. Based on this experience and community standards on programming best practices, Highlight implements hundreds of code insights across 15+ technologies to calculate health factors of a software.

See featuresHow it works
Copyright © 2021 CAST All Rights Reserved