XML Scan rules
Contrast Scan supports these rules for XML.
Severity | Contrast rule | Engine rule ID | Description |
---|---|---|---|
Critical | Check Action Mappings Type | OPT.XML.STRUTSCONFIG.CheckActionMappingsType | CheckActionMappingsType: Class for action-mappings property does not match with the ones defined in this rule's property |
Critical | Check Action With Path Attribute | OPT.XML.STRUTSCONFIG.CheckActionWithPathAttribute | CheckActionWithPathAttribute: Every action must contain a path attribute |
Critical | Check Html Redirect Links | OPT.XML.STRUTSCONFIG.CheckHtmlRedirectLinks | CheckHtmlRedirectLinks: A forward to a web document must use the redirect attribute |
Critical | Check Maximum Session Scopes | OPT.XML.STRUTSCONFIG.CheckMaximumSessionScopes | CheckMaximumSessionScopes: Level of ActionForm in session overpassed |
Critical | Check Name Attribute In Form Beans | OPT.XML.STRUTSCONFIG.CheckNameAttributeInFormBeans | CheckNameAttributeInFormBeans: Every <form-bean> must specify a "name" attribute |
Critical | Specify Filter Action | OPT.XML.WEB.SpecifyFilterAction | SpecifyFilterAction: Action filter is not properly defined |
Critical | Use the proper slash character in URLs | OPT.XML.XMLPT.USEOFCORRECTBARS | USEOFCORRECTBARS: Use the proper slash character in URLs ('/') |
Critical | Document your code | OPT.XML.XSLT_MAN.DOCUMENTEDCODE | DOCUMENTEDCODE: Checks if the code is documented |
Critical | Use xsl:choose correctly | OPT.XML.XSLT_MAN.EFFICIENTUSEOFCHOOSE | EFFICIENTUSEOFCHOOSE: Checks if the xsl:choose tag is being used correctly |
Critical | Remove unused parameters | OPT.XML.XSLT_MAN.NOUSEDPARAM | NOUSEDPARAM: Detects declared parameters that are not being used |
Critical | Remove unused variables | OPT.XML.XSLT_MAN.NOUSEDVARIABLES | NOUSEDVARIABLES: Detects declared variables that are not being used |
Critical | Avoid using axis | OPT.XML.XSLT_OYR.INEFFICIENTAXES | INEFFICIENTAXES: Avoid using axis |
Critical | Avoid using XPath comparisons | OPT.XML.XSLT_OYR.NOUSEXPATHCOMPARATIONS | NOUSEXPATHCOMPARATIONS: Advises avoiding direct comparisons between nodes |
Critical | Advised the use keys | OPT.XML.XSLT_OYR.USEKEYS | USEKEYS: Advised the use of keys |
Critical | Check XPath expressions | OPT.XML.XSLT_PB.CHECKXPATHEXPRESSIONS | CHECKXPATHEXPRESSIONS: Checks the XPath expressions |
Critical | Checks tag names xsl:template | OPT.XML.XSLT_PB.DUPLICATENAMEOFTEMPLATE | DUPLICATENAMEOFTEMPLATE: Checks tag names xsl:template |
Critical | Checks if the stylesheet is portable | OPT.XML.XSLT_PT.PORTABILITY | PORTABILITY: Checks if the stylesheet is portable |
High | Check Unused Action Forms | OPT.XML.STRUTSCONFIG.CheckUnusedActionForms | CheckUnusedActionForms: There are ActionForms that are not being used in actions |
Info | Check Form Properties | OPT.XML.STRUTSCONFIG.CheckFormProperties | CheckFormProperties: There are Forms without properties |
Info | Compulsory Resources Import | OPT.XML.STRUTSCONFIG.CompulsoryResourcesImport | CompulsoryResourcesImport: Parameter attribute in message-resources is not valid |
Medium | Check Action With Forward | OPT.XML.STRUTSCONFIG.CheckActionWithForward | CheckActionWithForward: Every action must be followed by a forward child node |
Medium | Non Matching Type In Form Bean | OPT.XML.STRUTSCONFIG.NonMatchingTypeInFormBean | NonMatchingTypeInFormBean: ActionForm different from DynaValidatorForm or ValidatorForm |