C#HtmlEncode,然后使用.innerHTML插入Javascript
[英]C# HtmlEncode, then Javascript insert using .innerHTML
问题描述
What follows is a piece of text that gets HtmlEncoded in C# before being sent to the browser (during a callback). 
接下来是一段文本,在发送到浏览器之前(在回调期间)在C#中获取HtmlEncoded。 Once received, in Javascript I do myDiv.innerHTML = theStringBelow ; 收到后,在Javascript中我做myDiv.innerHTML = theStringBelow ;
<span xmlns:asp="http://schemas.microsoft.com/ASPNET/20"
xmlns:SharePoint="Microsoft.Sharepoint.WebControls"
xmlns:ext="my_namespace:my_xslt_extension">Some text to be shown.</span>
However, what results is that I simply see the exact text shown above. 但是,结果是我只看到上面显示的确切文本。 It isn't being treated as an html element that got added to the DOM, but as plain text. 它不被视为添加到DOM的html元素,而是纯文本。 When I add the exact same text through javascript (eg, I skip the callback, and just say myDiv="exactString ") it DOES get added correctly (it gets treated as a span). 当我通过javascript添加完全相同的文本(例如,我跳过回调,并且只是说myDiv="exactString ”)时,它会被正确添加(它被视为跨度)。
What is going on? 到底是怎么回事? Do I have to un-encode it? 我必须取消编码吗? Should I not have encoded to begin with? 我不应该编码开始吗?
Edit The question still stands for curiosity's sake, but I have fixed the issue simply by not HtmlEncoding the data. 编辑问题仍然代表好奇心,但我已经解决了这个问题,只是没有HtmlEncoding数据。 An earlier issue must have added onto this one, making me think the HtmlEncoding was still necessary. 早期的问题必须添加到这个问题上,让我觉得HtmlEncoding仍然是必要的。
2 个解决方案
解决方案1
2 已采纳 2011-03-23 23:48:18
You should not HTMLEncode it if it is to become HTML nodes. 如果要成为HTML节点,则不应对其进行HTMLEncode 。 What HTML encoding will do is turn your string from above into this: HTML编码将执行的操作是将您的字符串从上面转换为:
<span xmlns:asp="http://schemas.microsoft.com/ASPNET/20"
xmlns:SharePoint="Microsoft.Sharepoint.WebControls"
xmlns:ext="my_namespace:my_xslt_extension">Some text to be shown.</span>
Try passing the string in as it is. 尝试按原样传入字符串。 You will of course have to escape the string. 你当然必须逃避字符串。 But once it has become a string in JavaScript it should be unescaped as it is being made into a string in memory. 但是一旦它成为JavaScript中的一个字符串,它应该被转义,因为它被制作成内存中的字符串。 Then you should be able to do the div.innerHTML call and get your expected result. 然后你应该能够进行div.innerHTML调用并获得预期的结果。 The escaping of the string can probably be accomplished by doing the following: 可以通过执行以下操作来完成字符串的转义:
// in your .cs code-behind/view/whatever.
string = string.replace("""", "\""");
Which should produce: 哪个应该产生:
<span xmlns:asp=\"http://schemas.microsoft.com/ASPNET/20\"
xmlns:SharePoint=\"Microsoft.Sharepoint.WebControls\"
xmlns:ext=\"my_namespace:my_xslt_extension\">Some text to be shown.</span>
Which you can then output like so: 然后您可以输出如下:
// in your webform/view
<script type="text/javascript">
var mystring;
mystring = "<%=string;%>";
</script>
Let me know how that works out for you. 让我知道这对你有什么影响。
解决方案2
0 2011-03-23 23:42:37
HTML Encode will turn < into < HTML Encode将转入< into < and so on. 等等。 This breaks HTML Formatting and is used so blocks of text like this: 这会打破HTML格式,并使用这样的文本块:
Insert <name> here
Does not turn out like this: 结果不是这样的:
Insert here
If your intent is to have the <span ... get inserted into the html directly you either need to NOT encode it on the way out, or if that will disrupt transmission, you need to decode it in js before you set the .innerHTML part. 如果您的意图是将<span ...直接插入到html中,您需要在出路时不对其进行编码,或者如果这会中断传输,则需要在设置.innerHTML之前在js中对其进行解码部分。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.