xslt,javascript和未转义的html实体
[英]xslt, javascript and unescaped html entities
问题描述
i have a tiny little problem with xslt, js and html entities, eg. 
我对xslt,js和html实体有一个小小的问题,例如。 within a template: 在模板中:
<script type="text/javascript">
<xsl:value-of select="/some/node"/>
for (var i = 0; i < 5; i++) {
// ^^^ js error
}
</script>
<script type="text/javascript">
<xsl:value-of select="/some/node"/>
for (var i = 0; i < 5; i++) {
// ^ xslt error
}
</script>
<script type="text/javascript">
<xsl:value-of select="/some/node"/>
// <![CDATA[
for (var i = 0; i < 5; i++) {
// ^ becomes <
}
// ]]>
</script>
<script type="text/javascript">
<xsl:value-of select="/some/node"/>
for (var i = 0; i <xsl:value-of disable-output-escaping="yes" select="string('<')"/> 5; i++) {
// works of course
}
</script>
does anyone have an idea where my problem could come from? 有谁知道我的问题可能来自哪里? i always thought the xslt processor would leave the content of a <script/> element unescaped when using the html output method ... 我一直以为xslt处理器在使用html输出方法时会将<script />元素的内容保留下来。
i run libxslt2 version 1.1.24 on OSX which was installed using macportsports ... 我在使用macportsports安装的OSX上运行libxslt2版本1.1.24 ...
5 个解决方案
解决方案1
11 已采纳 2009-01-12 13:54:28
ok. 好。 long story, short answer: 长话短说:
it seems that with some libxslt versions the xslt processor leaves the content of a <script/> element unescaped when using the html output method, with others not ... therefore the following is recommended: 似乎在某些libxslt版本中 ,使用html输出方法时,xslt处理器会将<script />元素的内容保留为未转义,而对于其他版本则不 ...因此建议以下操作:
<script type="text/javascript">
<xsl:value-of select="/some/node"/>
<xsl:text disable-output-escaping="yes">
// ^ does the trick ...
for (var i = 0; i < 5; i++) {
// ^ works
}
</xsl:text>
</script>
解决方案2
4 2009-01-12 10:55:01
i always thought the xslt processor would leave the content of a script element unescaped when using the html output method
You are correct: http://www.w3.org/TR/xslt#section-HTML-Output-Method 您是正确的: http : //www.w3.org/TR/xslt#section-HTML-Output-Method
The html output method should not perform escaping for the content of the script and style elements.
For example, a literal result element written in the stylesheet as
<script>if (a < b) foo()</script>
or
<script><![CDATA[if (a < b) foo()]]></script>
should be output as
<script>if (a < b) foo()</script>
If your XSLT processor is doing otherwise, it's a bug. 如果您的XSLT处理器不这样做,那就是一个错误。
However, in any case it's a good idea to avoid '<' and '&' in embedded scripts, and an even better idea to kick all the code out into a linked .js file. 但是,无论如何,最好避免在嵌入式脚本中使用'<'和'&',而将所有代码都踢到链接的.js文件中则是一个更好的主意。
解决方案3
1 2009-01-12 10:21:18
The CDATA blocks should have worked; CDATA块应该已经起作用; they always have for me. 他们总是有我的。 What's your disable-output-escaping value? 您的disable-output-escaping值是多少?
UPDATE: Using Xalan, with disable-output-escaping on its default, which I'm pretty sure is no , I have the following in my working XSL files: 更新:我使用Xalan,默认情况下将disable-output-escaping设置为no ,我很确定是no ,我的工作XSL文件中包含以下内容:
No
CDATAblock:没有CDATA块:for (var i = 0; i `<` foo.length; i++) { … }CDATAblock:CDATA块:<![CDATA[ for (var i = 0; i < foo.length; i++) { … } ]]>
解决方案4
1 2009-01-12 10:25:13
尝试在第三个解决方案的CDATA之前删除双斜杠
解决方案5
0 2010-03-18 12:32:19
If the xsl:output method is html, the CDATA section would work. 如果xsl:output方法为html,则CDATA部分将起作用。 If the xsl:output method is xml, the < and > signs would still be converted. 如果xsl:output方法是xml,则<和>符号仍将转换。
To get around this problem, you may define the script element to not behave this way using the xsl:output element. 要解决此问题,可以使用xsl:output元素将script元素定义为不以这种方式运行。 you can also force the method of the output using xml or html 您也可以使用xml或html强制输出方法
<xsl:output method="xml" cdata-section-elements="script" />
...
<script type="text/javascript" language="javascript">
<![CDATA[
for (var i = 0; i < foo.length; i++) { … }
]]>
</script>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.