diff --git a/pmd-visualforce/etc/grammar/VfParser.jjt b/pmd-visualforce/etc/grammar/VfParser.jjt index e7c0bae418..d8725ddaa7 100644 --- a/pmd-visualforce/etc/grammar/VfParser.jjt +++ b/pmd-visualforce/etc/grammar/VfParser.jjt @@ -145,7 +145,7 @@ PARSER_END(VfParser) | =" > | | " > - | + | | | > | )+ ( ()+)? > @@ -476,10 +476,10 @@ void UnaryExpression() #void : {} { ( | ) UnaryExpression() - | UnaryExpressionNotPlusMinus() + | NegationExpression() } -void UnaryExpressionNotPlusMinus() #void : +void NegationExpression() #void : {} { ( ) UnaryExpression() diff --git a/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/ast/VfParserVisitorAdapter.java b/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/ast/VfParserVisitorAdapter.java index ec3d9d3a46..a0fd42ba2a 100644 --- a/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/ast/VfParserVisitorAdapter.java +++ b/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/ast/VfParserVisitorAdapter.java @@ -93,5 +93,5 @@ public class VfParserVisitorAdapter implements VfParserVisitor { public Object visit(ASTContent node, Object data) { return visit((VfNode) node, data); } - + } diff --git a/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/rule/security/VfUnescapeElRule.java b/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/rule/security/VfUnescapeElRule.java index ff7124e816..486bd82e81 100644 --- a/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/rule/security/VfUnescapeElRule.java +++ b/pmd-visualforce/src/main/java/net/sourceforge/pmd/lang/vf/rule/security/VfUnescapeElRule.java @@ -230,20 +230,24 @@ public class VfUnescapeElRule extends AbstractVfRule { if (expression != null) { final ASTIdentifier id = expression.getFirstChildOfType(ASTIdentifier.class); if (id != null) { - switch (id.getImage().toLowerCase()) { - case "$component": - case "$objecttype": - case "$label": - case "$resource": - case "urlfor": - case "$site": - case "$page": - case "$action": - case "casesafeid": - case "$remoteaction": - return true; + List args = expression.findChildrenOfType(ASTArguments.class); + if (!args.isEmpty()) { + switch (id.getImage().toLowerCase()) { + case "$component": + case "$objecttype": + case "$label": + case "$resource": + case "urlfor": + case "$site": + case "$page": + case "$action": + case "casesafeid": + case "not": + case "$remoteaction": + return true; - default: + default: + } } } diff --git a/pmd-visualforce/src/test/resources/net/sourceforge/pmd/lang/vf/rule/security/xml/VfUnescapeEl.xml b/pmd-visualforce/src/test/resources/net/sourceforge/pmd/lang/vf/rule/security/xml/VfUnescapeEl.xml index 8c4c8ed50c..cd698c2bca 100644 --- a/pmd-visualforce/src/test/resources/net/sourceforge/pmd/lang/vf/rule/security/xml/VfUnescapeEl.xml +++ b/pmd-visualforce/src/test/resources/net/sourceforge/pmd/lang/vf/rule/security/xml/VfUnescapeEl.xml @@ -557,5 +557,20 @@ Safe unquoted followed by safe quoted ]]> vf + + + 0 + + + +]]> + vf + +