src/java.base/share/classes/java/io/SerializablePermission.java

@@ -46,19 +46,19 @@
  *
  * <table class="striped">
  * <caption style="display:none">Permission target name, what the permission allows, and associated risks</caption>
  * <thead>
  * <tr>
- * <th>Permission Target Name</th>
- * <th>What the Permission Allows</th>
- * <th>Risks of Allowing this Permission</th>
+ * <th scope="col">Permission Target Name</th>
+ * <th scope="col">What the Permission Allows</th>
+ * <th scope="col">Risks of Allowing this Permission</th>
  * </tr>
  * </thead>
  * <tbody>
  *
  * <tr>
- *   <td>enableSubclassImplementation</td>
+ *   <th scope="row">enableSubclassImplementation</th>
  *   <td>Subclass implementation of ObjectOutputStream or ObjectInputStream
  * to override the default serialization or deserialization, respectively,
  * of objects</td>
  *   <td>Code can use this to serialize or
  * deserialize classes in a purposefully malfeasant manner. For example,

@@ -67,20 +67,20 @@
  * to attackers. Or, during deserialization it could, for example, deserialize
  * a class with all its private fields zeroed out.</td>
  * </tr>
  *
  * <tr>
- *   <td>enableSubstitution</td>
+ *   <th scope="row">enableSubstitution</th>
  *   <td>Substitution of one object for another during
  * serialization or deserialization</td>
  *   <td>This is dangerous because malicious code
  * can replace the actual object with one which has incorrect or
  * malignant data.</td>
  * </tr>
  *
  * <tr>
- *   <td>serialFilter</td>
+ *   <th scope="row">serialFilter</th>
  *   <td>Setting a filter for ObjectInputStreams.</td>
  *   <td>Code could remove a configured filter and remove protections
  *       already established.</td>
  * </tr>
  * </tbody>