如何阻止这个 json 转义 html?
我有一个返回用户评论的ajax 控件。它由 ac# ajax 处理程序页面提供服务,c# 匹配用户可以在评论中留下的时间跨度:
commmentToDisplay = Regex.Replace(c.CommentText, timeSpanRegex, "<a href=\'\' onclick=\'alert(\'Flash Required\');\'>" + actualTimeSpan + "</a>");
这会生成以下 json:
({
"numOfPages":"1",
"pageIndex":"1",
"comments": [
{
"user":"hmladmin",
"created":"29/03/2011 16:41:20",
"id":"1",
"comment":"<a href='' onclick='alert('Flash Required');'>00:00:21</a>",
"editable":"true",
"reportable":"true"
}
]
})
令人困惑的是,当我在 firebug 中查看 html 时,它会显示为:
<a );="" required="" flash="" onclick="alert(" href="">00:00:21</a>
我尝试过:
commmentToDisplay = Regex.Replace(c.CommentText, timeSpanRegex, "<a href=\'\' onclick=\'alert(\"Flash Required\");\'>" + actualTimeSpan + "</a>");
并且
commmentToDisplay = Regex.Replace(c.CommentText, timeSpanRegex, "<a href=\'\' onclick=\"alert(\"Flash Required\");\">" + actualTimeSpan + "</a>");
还有多种排列我只是无法弄清楚如何获取 json 和 c# 以在 onclick 事件中返回带有警报消息的锚标记。
有人可以帮助我弄清楚如何正确地逃避这个问题,这样这个问题就不会发生。
I have an ajax control that returns user comments. Its served by a c# ajax handler page and the c# matches a timespan that a user can leave in the comments:
commmentToDisplay = Regex.Replace(c.CommentText, timeSpanRegex, "<a href=\'\' onclick=\'alert(\'Flash Required\');\'>" + actualTimeSpan + "</a>");
This produces the following json:
({
"numOfPages":"1",
"pageIndex":"1",
"comments": [
{
"user":"hmladmin",
"created":"29/03/2011 16:41:20",
"id":"1",
"comment":"<a href='' onclick='alert('Flash Required');'>00:00:21</a>",
"editable":"true",
"reportable":"true"
}
]
})
Confusingly when I look at the html in firebug it comes out as:
<a );="" required="" flash="" onclick="alert(" href="">00:00:21</a>
Ive tried:
commmentToDisplay = Regex.Replace(c.CommentText, timeSpanRegex, "<a href=\'\' onclick=\'alert(\"Flash Required\");\'>" + actualTimeSpan + "</a>");
and
commmentToDisplay = Regex.Replace(c.CommentText, timeSpanRegex, "<a href=\'\' onclick=\"alert(\"Flash Required\");\">" + actualTimeSpan + "</a>");
And multiple permutations of I just cannot work out how to get the json and c# to return an anchor tag with an alert message in the onclick event.
Can someone help me to work out how I escape this properly so this problem doesnt happen.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
问题是当您创建 HTML 字符串且与 JSON 无关时:
可能应该是:
The problem is when you create the string of HTML and has nothing to do with JSON:
should probably be:
您在
'alert('Flash required');'中嵌套了单引号,这是行不通的。您需要将一组更改为双引号,然后将它们转义为 JSON。例如'alert(\"FlashRequired\");'You've got nested single quotes in
'alert('Flash Required');'which won't work. You need to change one set to double-quotes then escape them (\") for JSON. e.g.'alert(\"Flash Required\");'