Tag Attributes
If you click the Results dropdown and select General Patterns,
there will be two issues listed. In this lesson, we will
address the input tag detection. As you can see, the
Note: If you do not see the By default, all HTML Rule Sets are configured with a rule in the General Patterns detection category that catches standard HTML tag attributes (you can see the rule's pattern under the Reason column in the screenshot above). These tag attributes are not caught in the Embedded Strings category because they are defined in a completely different fashion. They are embedded within a tag as an attribute instead of delimited between matching tags, as are most HTML strings. Handling attribute strings is not quite as simple as those shown in the Embedded String results. Once you double-click on the row and see the issue displayed in the Source Files view, you will see that the entire input tag is highlighted instead of just the text we want to externalize. This occurs because the pattern necessary to detect it must capture more than just the string. Once you have the input tag highlighted in your source viewer, use your mouse to select only the display text (do not select the double-quotes):
Externalize the highlighted text by clicking the Externalize Selected
String button
Save the file using Ctrl-S. Lastly, we want to change the Status for the row so that it won't appear as Active after the next Scan. Right-click on the Scan Results issue for the selected row and select Ignore. Globalyzer will remember this setting if you scan again, as long as you don't alter the associated Rule Set or significantly modify the source file. The next lesson will address our last HTML string shown in the General Patterns Scan Results.
|
in the Toolbar. The code should look like this:
