mirror of
https://github.com/github/codeql.git
synced 2026-01-12 22:14:47 +01:00
43 lines
901 B
XML
43 lines
901 B
XML
<!DOCTYPE qhelp PUBLIC
|
|
"-//Semmle//qhelp//EN"
|
|
"qhelp.dtd">
|
|
<qhelp>
|
|
<overview>
|
|
<p>
|
|
HTML comments are a technique for hiding JavaScript code from browsers that do not interpret <code>script</code>
|
|
tags. Since all popular browsers have supported <code>script</code> tags for many years, this precaution is
|
|
not needed any more.
|
|
</p>
|
|
|
|
</overview>
|
|
<recommendation>
|
|
|
|
<p>
|
|
Remove all HTML comments.
|
|
</p>
|
|
|
|
</recommendation>
|
|
<example>
|
|
|
|
<p>
|
|
The following code block uses HTML comments to hide the <code>script</code> block from ancient browsers.
|
|
</p>
|
|
|
|
<sample src="examples/HTMLComments.js" />
|
|
|
|
<p>
|
|
Since such browsers are no longer widely used, the comments should be removed:
|
|
</p>
|
|
|
|
<sample src="examples/HTMLCommentsGood.js" />
|
|
|
|
</example>
|
|
<references>
|
|
|
|
|
|
<li>JavaScript Toolbox: <a href="http://www.javascripttoolbox.com/bestpractices/#comments">JavaScript Best Practices</a>.</li>
|
|
|
|
|
|
</references>
|
|
</qhelp>
|