<%和<%之间有什么区别:
[英]What's the difference between <% and <%:
问题描述
I couldn't find anything through Google, I suppose the search terms are too much to handle. 
我在谷歌找不到任何东西,我想搜索条件太多了。 The VS built-in help only explains <%, which is just embedded code. VS内置帮助只解释<%,这只是嵌入式代码。 There is no mention of <%: 没有提到<%:
EDIT: My book says, that the only difference is that <%: returns a MvcHtmlString. 编辑:我的书说,唯一的区别是<%:返回一个MvcHtmlString。 Why do we need an extra symbol for <%: just to return something? 为什么我们需要一个额外的符号<%:只是为了返回一些东西?
EDIT2: An example: EDIT2:一个例子:
<% Html.RenderAction("xxx", "xxx"); %>
Nothing is returned, that's why we have to say <%, because it would htmlencode? 什么都没有返回,这就是为什么我们必须说<%,因为它会htmlencode? But what if I render something in .RenderAction() that needs to be htmlencoded too? 但是如果我在.RenderAction()中呈现需要htmlencoded的东西呢? Or does that not make sense? 或者这没有意义吗?
Thanks for any help! 谢谢你的帮助! It would really help me to understand asp.net. 这真的有助于我理解asp.net。
3 个解决方案
解决方案1
3 2010-12-25 16:50:47
Using <%: you are already tell the page to HtmlEncode what is inside the <%: %> tags. 使用<%:您已经告诉页面HtmlEncode <%:%>标记内的内容。 and it was presented in .Net 4. 它出现在.Net 4中。
EDIT: Yes, MvcHtmlString is already HtmlEncoded. 编辑:是的,MvcHtmlString已经是HtmlEncoded。
PS: If you want (sometimes) not to encode text as HTML stick with the old ones but you have to know that if that data was provided by users it is considered a security threat which could be used as an exploit to impose XSS attacks against your web site/application. PS:如果你希望(有时)不将文本编码为HTML粘贴旧文件,但你必须知道,如果该数据是由用户提供的,那么它被认为是一种安全威胁,可以用来对其进行XSS攻击。您的网站/应用程序。
解决方案2
2 2010-12-25 16:50:17
两者都用于在视图上呈现文本,但是当您使用<%:时,文本将自动进行HTMLEncoded。
解决方案3
2 已采纳 2010-12-25 16:57:07
As indicated in other answers, it is for Html encoding. 如其他答案所示,它适用于Html编码。 Here's a blog entry explaining . 这是一篇博客文章解释 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.