在JavaScript中转义反斜杠

Question

<script type="text/javascript"> 
    console.log(#Fileurl#);
    jQuery.ajax({
        url: "http://xyz:8800/aaa/bbb/ccc",
        type:'POST',
        dataType: 'JSON',
        data:{"file":"#Fileurl#"},
        success: function(data) {
            console.log(data);
        }
    });
</script>

This is the javascript code inside a coldfusion page. If I try to print "Fileurl" outside script,output is perfect.

output : D:\\abc\\FLV\\238550_605_orion.mp4.

But inside javascript output is,

D:abcFLV238550_605_orion.mp4.

Actually we want to send url to delete the particular file.Reply is highly appreciated.

Answer 1

Hi there is no way to do the task in javascript. So instead of

use ColdFusion's jsstringformat to convert the Fileurl to

D:\\abc\\FLV\\238550_605_orion.mp4

console.log("<cfoutput>JSStringFormat(Fileurl)</cfoutput>");

Answer 2

If you're using ColdFusion 10+, you should use encodeForJavaScript() instead of JSStringFormat() . In addition, by putting the path to a network file in the client-side code, you're opening yourself up to a Path Traversal attack.

The user could manipulate the JavaScript to point to different files and folders than what you're intending. If you're passing this to a delete function, you could be in for a world of trouble. Why not pass some file ID instead?

Answer 3

Backslash has special meaning, you have to escape that. You can try to double the backslashes, or use proper url format like file://path/to/file with forward slashes.