Reducing the unsafe URI log warning to an info. If you use a String in a URI context, we sanitize the string, so it is not a security risk and should not generate a warning. However, we still log an info message so users know they can use SafeUri instead if they do not want the URI sanitized.
Review at http://gwt-code-reviews.appspot.com/1616804
Review by: xtof@google.com
git-svn-id: https://google-web-toolkit.googlecode.com/svn/trunk@10804 8db76d5a-ed1c-0410-87a9-c151d255dfc7
diff --git a/user/src/com/google/gwt/safehtml/rebind/SafeHtmlTemplatesImplMethodCreator.java b/user/src/com/google/gwt/safehtml/rebind/SafeHtmlTemplatesImplMethodCreator.java
index 6b207f3..8a2006c 100644
--- a/user/src/com/google/gwt/safehtml/rebind/SafeHtmlTemplatesImplMethodCreator.java
+++ b/user/src/com/google/gwt/safehtml/rebind/SafeHtmlTemplatesImplMethodCreator.java
@@ -363,10 +363,11 @@
*/
if (!isSafeUri(parameterType)) {
// Warn against using unsafe parameters in a URL attribute context.
- logger.log(TreeLogger.WARN,
- "Template with variable in URL attribute context: The template code generator cannot"
- + " guarantee HTML-safety of the template -- please inspect manually or use "
- + SAFE_URI_CN + " to specify arguments in a URL attribute context");
+ logger.log(TreeLogger.INFO,
+ "Template with variable in URL attribute context: The template code generator will"
+ + " sanitize the URL. Use " + SAFE_URI_CN
+ + " to specify arguments in a URL attribute context that should not be"
+ + " sanitized.");
}
emitAttributeContextParameterExpression(logger, htmlContext, formalParameterName,
parameterType);
