大家早上好,
周一早上,我很难理解为什么下面的代码在 IE 中有效,而在 FF 中无效。
<a class="button" href="#" onclick="setMaintenanceMode(false);">disable</a>
在 IE 和 FF 中,当您将鼠标悬停在按钮上时,URL 是...
http://localhost:8080/mainapp/secure/gotoDevice.action?hardwareId=1&storeCode=2571#
单击按钮时,将调用以下方法...
function setMaintenanceMode(enabled) {
var url = '<s:url action="secure/setMaintenanceMode"/>' + '&ModeEnabled=' + enabled;
document.location.href = url;
}
文档发送到的 URL 是(在两种浏览器中)...
/mainapp/secure/gotoDevice.action?hardwareId=1&storeCode=2571&ModeEnabled=false
问题是在 IE 中,struts 操作“setSetCode()”上的方法被调用,但在 FF 中则不会!如果我删除上面的哈希 ahref FF 可以工作,但 IE 不行(href =“#”)。
我尝试将 '&ModeEnabled=' 更改为 '&ModeEnabled=',但没有成功。
我查看了 google 和 struts 论坛,但没有成功。
我很想撕掉所有的 ahref 并用 Dojo 按钮替换它们,看看这是否有效,但在我这样做之前,我只是想知道是否有人可以解释为什么。
我的猜测是 ahref 使用错误,但为什么呢?
如果有人能帮助我理解为什么,我将不胜感激。
谢谢
杰夫·波特
编辑:返回 false 是解决方案的一部分。问题似乎是 url..
/mainApp/secure/setMaintenanceMode.action?hardwareId=5&storeCode=2571&ModeEnabled=true
里面有 & ,如果我按原样转到这个 url,那么它在 IE 中有效,但在 FF 中无效。
如果我将两者都更改为 & 那么它可以在 IE 和 IE 中工作。 FF。
如果我将两者都更改为 & 那么它仍然可以在 IE 中运行,但不能在 FF 中运行。
有什么想法吗?
注意:
struts 2.0.9 似乎不支持 标签上的属性 escapeAmp :
默认情况下,请求参数将使用转义的&符号(即&)分隔。这对于 XHTML 合规性是必要的,但是,当将此标记生成的 URL 与 escapeAmp 属性来禁用 & 符号逃跑。
Soultion:在 onclick 上返回 false 并升级到新的 struts + 设置 escapeAmp 参数。
否则,url = url.replace("&", "&");。
Morning all,
It early Monday morning and I'm struggling to understand why the followng line works in IE and not in FF.
<a class="button" href="#" onclick="setMaintenanceMode(false);">disable</a>
In both IE and FF the URL when you hover over the button is...
http://localhost:8080/mainapp/secure/gotoDevice.action?hardwareId=1&storeCode=2571#
When the button is clicked, the following method is called...
function setMaintenanceMode(enabled) {
var url = '<s:url action="secure/setMaintenanceMode"/>' + '&ModeEnabled=' + enabled;
document.location.href = url;
}
The URL that docuement is sent to is (in both browsers)...
/mainapp/secure/gotoDevice.action?hardwareId=1&storeCode=2571&ModeEnabled=false
The problem is that in IE the method on the struts action 'setSetCode()' is called, but from FF its not! If I remove the hash ahref above FF works, but IE doesn't (href="#").
I've tried changing the '&ModeEnabled=' to '&ModeEnabled=', but no success.
I've looked on google and the struts forum, but no success.
I'm tempted to rip out all the ahref's and replace them with Dojo buttons and see if that works, but before I do, I just wondered if anyone could shead some light on why.
My guess is that ahref is the wrong thing to use, but why?
If anyone could help me understand why though it would be appreciated.
Thanks
Jeff Porter
EDIT: The return false is part of the solution. The problem seems to be that the url..
/mainApp/secure/setMaintenanceMode.action?hardwareId=5&storeCode=2571&ModeEnabled=true
has the & inside it, if I go to this url as it is, then it works in IE, but not in FF.
if I change both to be & then it works in IE & FF.
if I change both to be & then it still works in IE but not FF.
Any ideas?
Note:
Seems that struts 2.0.9 does not support the property escapeAmp on the <s:url tag:
By default request parameters will be separated using escaped ampersands (i.e., &). This is necessary for XHTML compliance, however, when using the URL generated by this tag with the <s:property> tag, the escapeAmp attribute should be used to disable ampersand escaping.
soultion: return false on the onclick and upgrade to new struts + set escapeAmp param.
else, url = url.replace("&", "&");.
发布评论
评论(3)
尝试从 javascript 方法返回 false
这应该会阻止 javascript onclick 事件到达浏览器。
Try returning false from the javascript method
This should stop the javascript onclick event reaching the browser.
onclick="setMaintenanceMode(false); return false;"onclick 正在工作,但 href 也会立即工作。您需要从点击处理程序返回 false 以表明不应遵循 href。
IE 可能会猜测您的意思,并执行错误的操作。
onclick="setMaintenanceMode(false); return false;"The onclick is working, but then the href does immediately, as well. You need to return false from the click handler to signal that href should not be followed.
IE likely guesses at what you mean, and does the wrong thing.
我对此表示怀疑——它在任何一个地方都不应该起作用。它不依赖于浏览器,而是依赖于服务器。
字符串
a=b&c=d被服务器框架分割成参数。 Servlet要求只能用&来分隔参数,所以会返回a=b和amp;c=d。后一个参数显然不会被需要c的应用程序识别。由于各种原因,HTML 规范强烈建议还允许使用
;作为分隔符,在这种情况下,您会得到a=b,一个杂散的amp 没有等号将毫无意义并被丢弃,以及c=d。因此,尽管 & 符号编码错误,它仍然可以工作。不幸的是,Servlet 忽略了这个建议。哦亲爱的!多么不幸啊。在将参数加入 URL 时,不应转义 & 符号。您只需用一个 & 符号连接参数,然后然后,如果您需要将完成的 URL 放入文本内容的属性值中,请对整个 URL 进行 HTML 编码。 Struts 的默认行为在这里是完全错误的。
在您的情况下,您不会将 URL 输出到属性值或文本内容,而是将其写入脚本块中的字符串文字:
在老式 HTML 的脚本块中,HTML 转义不适用。 (在本机 XML 中的 XHTML 中确实如此,但我们暂时不要考虑这一点。)
但是,您仍然需要考虑 JavaScript 转义。例如,如果 setMaintenanceMode 链接中有撇号怎么办?它会折断绳子。或者,如果字符串中有一个
序列,它会破坏整个脚本块。您真正想要做的是创建 URL(不任何与号转义),然后在其上使用 JavaScript 字符串文字反斜杠转义。最好是使用现有的 JSON 编码器,它将任何 Java 值转换为 JavaScript 文本,如果它是字符串,也可以将周围的引号放入其中。您还可以在大多数 JSON 编码器上告诉它对
<和&字符进行 JS 转义,这意味着如果您决定提供服务,则不必担心 XHTML 解析。未来将页面作为 XML 格式。当然,如果您单击的某个内容不是指向另一个位置的链接,而只是通过脚本对页面执行某些操作,那么它就不是链接真的,你最好将其标记为
然而(再次),这一切似乎毫无意义,因为目前您正在用与链接一样的行为替换链接的行为,只是不那么灵活。简单地说有什么问题:?
I doubt it – it shouldn't work in either. It's not browser-dependent, but server-dependent.
The string
a=b&c=dis split into parameters by the server framework. Servlet requires that only&be used to separate parameters, so it will returna=bandamp;c=d. The latter parameter obviously won't be recognised by the application which is expectingc.The HTML specification for various reasons strongly recommends that
;also be allowed as a separator, in which case you'd geta=b, a strayampwhich without an equals sign would be meaningless and discarded, andc=d. So despite the mis-encoding of the ampersand it would still work. Unfortunately, Servlet ignores this recommendation.Oh dear! How unfortunate. You shouldn't escape ampersands at the point of joining parameters into a URL. You should simply join the parameters with a single ampersand, and then, if you need to put the finished URL into an attribute value of text content, HTML-encode the entire URL. Struts's default behaviour is simply wrong here.
In your case you are not outputting the URL to an attribute value or text content, you're writing it into a string literal in a script block:
In a script block in old-school HTML, HTML-escaping does not apply. (In XHTML in native XML it does, but let's not think about that yet.)
However, you still do need to think about JavaScript escapes. For example what if there were an apostrophe in the setMaintenanceMode link? It would break the string. Or if somehow you had a
</sequence in the string it'd break the entire script block.What you really want to be doing is making the URL (without any ampersand-escaping), and then use a JavaScript string literal backslash-escape on it. Best would be to use an existing JSON encoder which will turn any Java value into a JavaScript literal, putting the surrounding quotes in for you too if it's a string. You can also on most JSON encoders tell it to JS-escape the
<and&characters, which means not having to worry about XHTML parsing if you decided to serve the page as XML in the future.Well certainly if you have a thing you click on that isn't a link to another location, but simply does something to the page via script, then that's not a link really, and you'd be much better off marking it up as a
<button>or<input type="button">, and using CSS to restyle it not to look like a button if you don't want it to.However (again), this all seems rather pointless, as at the moment you are replacing the behaviour of a link with behaviour that just like a link only not as flexible. What's wrong with simply:?