PMD 6.55.0

Release date: 25-February-2023

About
User Documentation
Rule Reference
- Apex Rules
  - Index
  - Best Practices
  - Code Style
  - Design
  - Documentation
  - Error Prone
  - Performance
  - Security
- Ecmascript Rules
- HTML Rules
  - Index
  - Best Practices
- Java Rules
- Java Server Pages Rules
  - Index
  - Best Practices
  - Code Style
  - Design
  - Error Prone
  - Security
- Maven POM Rules
  - Index
  - Error Prone
- Modelica Rules
  - Index
  - Best Practices
- PLSQL Rules
- Salesforce VisualForce Rules
  - Index
  - Security
- Scala Rules
  - Index
- VM Rules
- WSDL Rules
  - Index
- XML Rules
  - Index
  - Error Prone
- XSL Rules
Language Specific Documentation
Developer Documentation
Project documentation

» Salesforce VisualForce Rules

Salesforce VisualForce Rules

Index of all built-in rules available for Salesforce VisualForce

Security

Rules that flag potential security flaws.

VfCsrf: Avoid calling VF action upon page load as the action becomes vulnerable to CSRF.
VfHtmlStyleTagXss: Checks for the correct encoding in ‘<style/>’ tags in Visualforce pages. The rule is based on Sal…
VfUnescapeEl: Avoid unescaped user controlled content in EL as it results in XSS.

Additional rulesets

Basic VF (rulesets/vf/security.xml):

Deprecated This ruleset is for backwards compatibility.

It contains the following rules:

VfCsrf, VfUnescapeEl

Tags: