Fixed JavaDoc
diff --git a/core/src/main/java/org/owasp/encoder/Encode.java b/core/src/main/java/org/owasp/encoder/Encode.java
index 3befe85..3e3dc59 100644
--- a/core/src/main/java/org/owasp/encoder/Encode.java
+++ b/core/src/main/java/org/owasp/encoder/Encode.java
@@ -43,7 +43,7 @@
* Encode -- fluent interface for contextual encoding. Example usage in a JSP:
*
* <pre>
- * <input value="<%=Encode.forHtml(value)%>" />
+ * <input value="<%=Encode.forHtml(value)%>" />
* </pre>
*
* <p>There are two versions of each contextual encoding method. The first
@@ -71,15 +71,15 @@
* bytes or are writing a framework that utilizes this
* package.</p>
*
- * <h5>Example JSP Usage</h5>
+ * <b>Example JSP Usage</b>
* <pre>
- * <div><%=Encode.forHtml(unsafeData)%></div>
+ * <div><%=Encode.forHtml(unsafeData)%></div>
*
- * <input value="<%=Encode.forHtml(unsafeData)%>" />
+ * <input value="<%=Encode.forHtml(unsafeData)%>" />
* </pre>
*
- * <h5>Encoding Table</h5>
- * <table border="0">
+ * <table border="0" summary="Shows the input and results of encoding">
+ * <caption><b>Encoding Table</b></caption>
* <thead>
* <tr bgcolor="#ccf">
* <th align="left">Input</th>
@@ -110,7 +110,7 @@
* </tbody>
* </table>
*
- * <h5>Additional Notes</h5>
+ * <b>Additional Notes</b>
* <ul>
*
* <li>The encoding of the greater-than sign ({@code >}) is not
@@ -160,12 +160,12 @@
* HTML attributes. Use either forHtml or forHtmlAttribute for those
* methods.</p>
*
- * <h5>Example JSP Usage</h5>
+ * <b>Example JSP Usage</b>
* <pre>
- * <div><%=Encode.forHtmlContent(unsafeData)%></div>
+ * <div><%=Encode.forHtmlContent(unsafeData)%></div>
* </pre>
- * <h5>Encoding Table</h5>
- * <table border="0">
+ * <table border="0" summary="Shows the input and results of encoding">
+ * <caption><b>Encoding Table</b></caption>
* <thead>
* <tr bgcolor="#ccf">
* <th align="left">Input</th>
@@ -188,7 +188,7 @@
* </tbody>
* </table>
*
- * <h5>Additional Notes</h5>
+ * <b>Additional Notes</b>
* <ul>
*
* <li>Single-quote character ({@code '}) and double-quote
@@ -238,13 +238,13 @@
/**
* <p>This method encodes for HTML text attributes.</p>
*
- * <h5>Example JSP Usage</h5>
+ * <b>Example JSP Usage</b>
* <pre>
- * <div><%=Encode.forHtml(unsafeData)%></div>
+ * <div><%=Encode.forHtml(unsafeData)%></div>
* </pre>
*
- * <h5>Encoding Table</h5>
- * <table border="0">
+ * <table border="0" summary="Shows the input and results of encoding">
+ * <caption><b>Encoding Table</b></caption>
* <thead>
* <tr bgcolor="#ccf">
* <th align="left">Input</th>
@@ -271,7 +271,7 @@
* </tbody>
* </table>
*
- * <h5>Additional Notes</h5>
+ * <b>Additional Notes</b>
* <ul>
*
* <li>Both the single-quote character ({@code '}) and the
@@ -339,13 +339,13 @@
* attempt has been made to optimize this encoding, though it is
* still probably faster than other encoding libraries.</p>
*
- * <h5>Example JSP Usage</h5>
+ * <b>Example JSP Usage</b>
* <pre>
- * <input value=<%=Encode.forHtmlUnquotedAttribute(input)%> >
+ * <input value=<%=Encode.forHtmlUnquotedAttribute(input)%> >
* </pre>
*
- * <h5>Encoding Table</h5>
- * <table border="0">
+ * <table border="0" summary="Shows the input and results of encoding">
+ * <caption><b>Encoding Table</b></caption>
* <thead>
* <tr bgcolor="#ccf">
* <th align="left">Input</th>
@@ -372,7 +372,7 @@
* </tbody>
* </table>
*
- * <h5>Additional Notes</h5>
+ * <b>Additional Notes</b>
* <ul>
*
* <li>The following characters are <i>not</i> encoded:
@@ -436,16 +436,16 @@
* characters. It is safe for use in both style blocks and attributes in
* HTML.
*
- * <h5>Example JSP Usage</h5>
+ * <b>Example JSP Usage</b>
* <pre>
- * <div style="background: url('<=Encode.forCssString(...)%>');">
+ * <div style="background: url('<=Encode.forCssString(...)%>');">
*
- * <style type="text/css">
- * background: url('<%=Encode.forCssString(...)%>');
- * </style>
+ * <style type="text/css">
+ * background: url('<%=Encode.forCssString(...)%>');
+ * </style>
* </pre>
*
- * <h5>Encoding Notes</h5>
+ * <b>Encoding Notes</b>
* <ul>
*
* <li>The following characters are encoded using hexidecimal
@@ -515,15 +515,15 @@
* itself. The caller should insure that the URL is safe for embedding
* (e.g. input validation) by other means.
*
- * <h5>Example JSP Usage</h5>
+ * <b>Example JSP Usage</b>
* <pre>
- * <div style="background:url(<=Encode.forCssUrl(...)%>);">
+ * <div style="background:url(<=Encode.forCssUrl(...)%>);">
*
- * <style type="text/css">
- * background: url(<%=Encode.forCssUrl(...)%>);
- * </style>
+ * <style type="text/css">
+ * background: url(<%=Encode.forCssUrl(...)%>);
+ * </style>
* </pre>
- * <h5>Encoding Notes</h5>
+ * <b>Encoding Notes</b>
* <ul>
*
* <li>The following characters are encoded using hexidecimal
@@ -592,15 +592,15 @@
* example a "javascript:" URL provided by a malicious user would be
* "properly" escaped, and still execute.
*
- * <h5>Encoding Table</h5>
+ * <b>Encoding Table</b>
* <p>The following characters are <i>not</i> encoded:</p>
* <pre>
- * U+20: ! # $ & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; = ?
+ * U+20: ! # $ & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; = ?
* U+40: @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ ] _
* U+60: a b c d e f g h i j k l m n o p q r s t u v w x y z ~
* </pre>
*
- * <h5>Encoding Notes</h5>
+ * <b>Encoding Notes</b>
* <ul>
*
* <li>The single-quote character({@code '}) <b>is not encoded</b>.</li>
@@ -657,12 +657,12 @@
* interpreted as part of another component.
*
* <pre>
- * <a href="http://www.owasp.org/<%=Encode.forUriComponent(...)%>?query#fragment">
+ * <a href="http://www.owasp.org/<%=Encode.forUriComponent(...)%>?query#fragment">
*
- * <a href="/search?value=<%=Encode.forUriComponent(...)%>&order=1#top">
+ * <a href="/search?value=<%=Encode.forUriComponent(...)%>&order=1#top">
* </pre>
*
- * <h5>Encoding Table</h5>
+ * <b>Encoding Table</b>
* <p>The following characters are <i>not</i> encoded:</p>
* <pre>
* U+20: - . 0 1 2 3 4 5 6 7 8 9
@@ -670,7 +670,7 @@
* U+60: a b c d e f g h i j k l m n o p q r s t u v w x y z ~
* </pre>
*
- * <h5>Encoding Notes</h5>
+ * <b>Encoding Notes</b>
* <ul>
*
* <li>Unlike {@link #forUri(String)} this method is safe to be
@@ -810,10 +810,10 @@
* caller will need to come up with their own encode/decode system.</p>
*
* <pre>
- * out.println("<?xml version='1.0'?>");
- * out.println("<data>");
- * out.println("&;lt;!-- "+Encode.forXmlComment(comment)+" -->");
- * out.println("</data>");
+ * out.println("<?xml version='1.0'?>");
+ * out.println("<data>");
+ * out.println("<!-- "+Encode.forXmlComment(comment)+" -->");
+ * out.println("</data>");
* </pre>
*
* @param input the input to encode
@@ -846,7 +846,7 @@
* provide the CDATA section boundaries.
*
* <pre>
- * <xml-data><![CDATA[<%=Encode.forCDATA(...)%>]]></xml-data>
+ * <xml-data><![CDATA[<%=Encode.forCDATA(...)%>]]></xml-data>
* </pre>
*
* @param input the input to encode
@@ -920,16 +920,16 @@
* are writing a framework on top of this library, it is recommend
* that you use this method over the others.</p>
*
- * <h5>Example JSP Usage:</h5>
+ * <b>Example JSP Usage:</b>
* <pre>
- * <button onclick="alert('<%=Encode.forJavaScript(data)%>');">
- * <script type="text/javascript">
- * var data = "<%=Encode.forJavaScript(data)%>";
- * </script>
+ * <button onclick="alert('<%=Encode.forJavaScript(data)%>');">
+ * <script type="text/javascript">
+ * var data = "<%=Encode.forJavaScript(data)%>";
+ * </script>
* </pre>
*
- * <h5>Encoding Description</h5>
* <table cellspacing="1" cellpadding="1" border="0">
+ * <caption><b>Encoding Description</b></caption>
* <thead>
* <tr bgcolor="#ccf">
* <th align="left" colspan="2">Input Character</th>
@@ -972,7 +972,7 @@
* "\&quot;".)</td>
* </tr>
* <tr>
- * <td>U+0026</td><td><code>&</code></td>
+ * <td>U+0026</td><td><code>&</code></td>
* <td><code>\x26</code></td>
* <td>Ampersand character</td>
* </tr>
@@ -988,7 +988,7 @@
* <td>U+002F</td><td><code>/</code></td>
* <td><code>\/</code></td>
* <td>This encoding is used to avoid an input sequence
- * "</" from prematurely terminating a </script>
+ * "</" from prematurely terminating a </script>
* block.</td>
* </tr>
* <tr>
@@ -1041,9 +1041,9 @@
* recommend that you use {@link #forJavaScript(String)} over this
* method.</strong></p>
*
- * <h5>Example JSP Usage:</h5>
+ * <b>Example JSP Usage:</b>
* <pre>
- * <button onclick="alert('<%=Encode.forJavaScriptAttribute(data)%>');">
+ * <button onclick="alert('<%=Encode.forJavaScriptAttribute(data)%>');">
* </pre>
*
* @param input the input string to encode
@@ -1084,11 +1084,11 @@
* recommend that you use {@link #forJavaScript(String)} over this
* method.</strong></p>
*
- * <h5>Example JSP Usage:</h5>
+ * <b>Example JSP Usage:</b>
* <pre>
- * <script type="text/javascript">
- * var data = "<%=Encode.forJavaScriptBlock(data)%>";
- * </script>
+ * <script type="text/javascript">
+ * var data = "<%=Encode.forJavaScriptBlock(data)%>";
+ * </script>
* </pre>
*
* @param input the input string to encode
@@ -1129,19 +1129,19 @@
* recommend that you use {@link #forJavaScript(String)} over this
* method.</strong></p>
*
- * <h5>Example JSP Usage:</h5>
+ * <b>Example JSP Usage:</b>
* This example is serving up JavaScript source directly:
* <pre>
- * <%@page contentType="text/javascript; charset=UTF-8"%>
- * var data = "<%=Encode.forJavaScriptSource(data)%>";
+ * <%@page contentType="text/javascript; charset=UTF-8"%>
+ * var data = "<%=Encode.forJavaScriptSource(data)%>";
* </pre>
*
* This example is serving up JSON data (users of this use-case
* are encouraged to read up on "JSON Hijacking"):
* <pre>
- * <%@page contentType="application/json; charset=UTF-8"%>
- * <% myapp.jsonHijackingPreventionMeasure(); %>
- * {"data":"<%=Encode.forJavaScriptSource(data)%>"}
+ * <%@page contentType="application/json; charset=UTF-8"%>
+ * <% myapp.jsonHijackingPreventionMeasure(); %>
+ * {"data":"<%=Encode.forJavaScriptSource(data)%>"}
* </pre>
*
* @param input the input string to encode
diff --git a/core/src/main/java/org/owasp/encoder/Encoder.java b/core/src/main/java/org/owasp/encoder/Encoder.java
index 7f4b887..3c5656e 100644
--- a/core/src/main/java/org/owasp/encoder/Encoder.java
+++ b/core/src/main/java/org/owasp/encoder/Encoder.java
@@ -110,7 +110,7 @@
* true}). This will happen when the encoder needs to see more
* input before determining what to do--for example when encoding
* for CDATA, if the input ends with {@code "foo]]"}, the encoder
- * will need to see the next character to determine if it is a ">"
+ * will need to see the next character to determine if it is a ">"
* or not.</p>
*
* <p>Example usage:</p>
