如何在后面的代码中防止属性的HTML编码?
[英]How do I prevent HTML encoding of attributes in the code behind?
问题描述
I have the following in my aspx. 
我的aspx中有以下内容。
<html>
<body>
<input id="but" type="button" value="ClickMe" />
</body>
</html>
Code behind 后面的代码
//Pageload
but.Attributes.Add("onclick", "this.parentNode.innerHTML += '<a id=""link"" href=""mylink""></a>';document.getElementById(""link"").click();");
Rendered html 呈现的HTML
<input name="ctl00$Content$btn" type="button" id="ctl00_Content_btn" value="ClickMe"
onclick="this.parentNode.innerHTML += '<a id="link" href="mylink"></a>';document.getElementById("link").click();" />
How can I get the < > " characters to render properly? 如何获得< > "字符以正确呈现?
5 个解决方案
解决方案1
4 已采纳 2011-07-27 22:53:50
You cannot render these characters without encoding. 如果不进行编码,则无法渲染这些字符。
You cannot add client-side script to a WebControl instance using the Attributes collection.
If you insist, just render your own control. 如果您坚持,则只需呈现自己的控件即可。
解决方案2
3 2011-07-28 16:46:23
Thanks Aristos, this works. 谢谢亚里士多德,这可行。
Page.ClientScript.RegisterStartupScript(Me.GetType(), "butClick", "function butClick() {this.parentNode.innerHTML += '<a id=""link"" href=""mylink""></a>';document.getElementById(""link"").click();}")
but.Attributes.Add("onclick", "butClick();");
解决方案3
0 2013-03-26 16:24:09
If you really want to prevent the encoding of parameters, you'll need to create your own customized control and override the AddAttributesToRender method. 如果您确实想防止参数编码,则需要创建自己的自定义控件并覆盖AddAttributesToRender方法。 Obviously this isn't very flexible because you'll need to create a separate custom control for each type of control you use. 显然,这不是很灵活,因为您需要为使用的每种控件类型创建一个单独的自定义控件。
Fortunately, this is very easy and only needs a few lines of code so may work out. 幸运的是,这非常简单,只需要几行代码,因此可以解决。 Here is the complete code needed for a customized button: 这是自定义按钮所需的完整代码:
public class MyCustomButton : Button
{
protected override void AddAttributesToRender(HtmlTextWriter writer)
{
base.AddAttributesToRender(writer);
writer.AddAttribute("onclick", "myJavascriptFunction('a string');", false); // passing false to the AddAttribute method tells it not to encode this attribute.
}
}
Obviously, this only appends a hard-coded onclick to the end of the attributes and may interfere if an onclick has already been provided. 显然,这仅将硬编码的onclick附加到属性的末尾,如果已经提供了onclick,则可能会造成干扰。 If you wanted to take this further, you could iterate over the actual Attributes collection and add them all this way. 如果您想进一步扩展此功能,则可以遍历实际的Attributes集合并以这种方式添加它们。
解决方案4
0 2011-07-28 14:01:29
Override your Render method for the control and add this line: 覆盖控件的Render方法,并添加以下行:
base.Attributes.Add("onclick", Page.ClientScript.GetPostBackEventReference(new PostBackOptions(this, string.Empty)));
And on the page it should render as: 并在页面上将其呈现为:
onclick="__doPostBack('ctl00$ctl00$PageContent$LocalContents$button_id', '')"
Which IE should understand as a postback reference, so it shouldn't encode it. 哪个IE应该理解为回发参考,因此不应该对其进行编码。 .Net should match it up with your server side event handler .Net应该与您的服务器端事件处理程序匹配
解决方案5
-1 2011-09-26 07:36:40
.net 4.0 has inbuilt functionality. .net 4.0具有内置功能。 http://msdn.microsoft.com/en-us/library/system.web.httputility.javascriptstringencode.aspx - from the docs. http://msdn.microsoft.com/zh-CN/library/system.web.httputility.javascriptstringencode.aspx-来自文档。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.