16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
42 lines
1.0 KiB
Plaintext
42 lines
1.0 KiB
Plaintext
== Why is this an issue?
|
|
|
|
JSP expressions (using ``++<%= ... %>++``) have been deprecated because they:
|
|
|
|
* Are not unit testable.
|
|
* Are not reusable.
|
|
* Cannot make use of object oriented concepts such as inheritence.
|
|
* Have poor error handling capabilities: if an exception is thrown, an empty page is rended.
|
|
* Mix the business and presentation logic.
|
|
|
|
JSP Standard Tag Library (JSTL) and Expression Language should be used instead, enabiling the adoption of the model-view-controller (MVC) design pattern which reduces the coupling between the presentation tier and the business logic.
|
|
|
|
|
|
=== Noncompliant code example
|
|
|
|
[source,html]
|
|
----
|
|
<input type="text" name="foo" value="<%= request.getParameter("foo") %>" />
|
|
----
|
|
|
|
|
|
=== Compliant solution
|
|
|
|
[source,html]
|
|
----
|
|
<input type="text" name="foo" value="${fn:escapeXml(param.foo)}" />
|
|
----
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
=== Message
|
|
|
|
Replace this JSP expression using tag libraries and expression language.
|
|
|
|
|
|
endif::env-github,rspecator-view[]
|