JSP中HTML输出的问题
我有生成一些 HTML 的代码,但是当我尝试在 jsp 中输出此内容时,所有“<” 被替换为 '<' 和所有 '>' 与“>”。 这是呈现结果的片段:
<c:out value="${data}"/>
有人可以解释一下导致角色替换的原因以及如何避免吗?
PS:我尝试过
谢谢, 娜塔莎
I have code which generates some HTML, but when I try to output this content in a jsp all '<' are replaced with '<' and all '>' with '>'. Here is the piece which renders the result:
<c:out value="${data}"/>
Can someone please explain what causes the character replacement, and how it can be avoided?
PS: I've tried escapeXml='false' property of <c:out/> tag, nothing at all is displayed.
Thanks,
Natasha
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
您希望生成的 HTML 做什么,您希望它作为浏览器使用的标记,还是希望它显示在最终页面上,例如作为用户可见的示例代码? 如果没有 escapeXml='false' ,它将作为 HTML 输出到浏览器并与所有其他标记一起解释。 如果 escapeXml='true' ,它将转换为转义标记,对最终用户可见。 所以这完全取决于你想做什么。
如果你想拥有< 和> 对于最终用户可见的字符,则它们必须显示为 < 和> 在标记中。
缺口
What do you want the generated HTML to do, do you want it to be markup used by the browser or do you want it shown on the final page, for example as sample code visible to the user? Without escapeXml='false' it will be output to the browser as HTML and interpreted along with all the other markup. With escapeXml='true' it will be turned into escaped markup which is rendered visible to the end-user. So it all depends on what you're trying to do.
If you want to have < and > characters visible to the end user then they have to appear as < and > in the markup.
Nick
out 标签的行为与它应该的一样 - 如果您确实希望输出文字值,您可以直接在文本中插入 EL 表达式 ${data}。 也就是说,
使用它
您将在 JSP 中
。 在您对 c:out 感到愤怒之前,请考虑一下输出通常是用户放入其中的内容 - 可能包含一些不需要的代码。 想象一下在 StackOverflow 上使用 ${data} 代替 c:out(C# 版本):-)
The out tag behaves as it should - if you do wish to output the literal value you can directly insert the EL expressen ${data} in your text. That is, in stead of
you would use
in your JSP.
Before you get angry with c:out, please consider that the output often is something a user has put in there - potentially with some unwanted code. Imagine using ${data} on StackOverflow in stead of the (C# version of) c:out :-)
c:out 标签上有一个 escapeXml 属性,默认设置为 true,将其设置为 false 并且不会发生转义,即您的 HTML 将按原样输出在浏览器中。
there is an escapeXml attribute on the c:out tag that is set to true by default, set it to false and no escaping will take place, i.e. your HTML will be output as is in the browser.
${data}则不会。 查看此相关问题。<c:out value="${data}"/>escapes HTML characters while${data}does not. Take a look at this related question.