HV-873 Clarifying scope of @SafeHtml constraint in JavaDocs

hibernate · Apr 24, 2014 · 0972d34 · 0972d34
1 parent ccc75d5
commit 0972d34
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/engine/src/main/java/org/hibernate/validator/constraints/SafeHtml.java b/engine/src/main/java/org/hibernate/validator/constraints/SafeHtml.java
@@ -33,6 +33,10 @@
 /**
  * Validate a rich text value provided by the user to ensure that it contains no malicious code, such as embedded
  * &lt;script&gt; elements.
+ * <p>
+ * Note that this constraint assumes you want to validate input which represents a body fragment of an HTML document. If
+ * you instead want to validate input which represents a complete HTML document, add the {@code html}, {@code head} and
+ * {@code body} tags to the used whitelist as required.
  *
  * @author George Gastaldi
  */