getAttribute(“ name”)是否转义html?
[英]getAttribute(“name”) unescapes html?
问题描述
We have some custom JS scripts to deal with tooltip which are put in a dom attribute (tooltip) when we render the page. 
我们有一些自定义JS脚本来处理工具提示,这些脚本在呈现页面时放在dom属性(工具提示)中。
however when i try to retrieve this tooltips (displayed as divs) string javaScript seems to automatically unescape the attribute value. 但是,当我尝试检索此工具提示(显示为div)时,字符串javaScript似乎会自动取消转义属性值。 is this normal behavior? 这是正常行为吗? and is there a way to avoid this? 有办法避免这种情况吗?
The problem i have is that <email@example.org> turn into (invalid) html. 我的问题是<email@example.org>变成了(无效的)html。
example for reproduction: 复制示例:
<div tltip ="<text>" id="escaped" />
<div tltip ="<text>"id="notescaped" />
js: js:
a = document.getElementById("escaped").getAttribute("tooltip");
b = document.getElementById("notescaped").getAttribute("tooltip");
a.match("<"); //returns true (unexpected)
a.match("<"); //returns true (expected)
a == b; // returns true (unexpected)
edit: 编辑:
to clarify im trying to display a (div) tooltip where i would like to somehow read content such as: "<b> <email@example.com> <\\b>" from the dom and display it in a div where it should look like: " <email@example.org> " 澄清我试图显示(div)工具提示的地方,我想以某种方式从dom中读取诸如"<b> <email@example.com> <\\b>" ,并将其显示在div中看起来像:“ <email@example.org> ”
1 个解决方案
解决方案1
6 2012-06-27 10:43:03
It's not JavaScript which "unescapes" the characters, but the HTML parser which decodes the entities. 不是“转义”字符的JavaScript,而是解码实体的HTML解析器。 It's expected behaviour. 这是预期的行为。
If it does not sound logical to you, tell me how you would put a double and a single quote in an attribute. 如果您觉得这不合逻辑,请告诉我如何在属性中加上双引号和单引号。
<div tltip=""'"> does not work.
<div tltip=""'"> does work.
<div tltip='"''> does work.
<div tltip=""'"> does work.
Regarding the edited question 关于已编辑的问题
You don't have to read the original source code. 您不必阅读原始源代码。 For instance: 例如:
<div tltip="<b>test</b>" id="test"></div>
var output1 = document.getElementById('html');
var output2 = document.getElementById('plain');
var attrValue = document.getElementById('test').getAttribute('tltip');
output1.innerHTML = attrValue;
output2.textContent = attrValue;
Will render as: 将呈现为:
Output 1: test 输出1: 测试
Output 2: <b>test</b> 输出2:<b>测试</ b>
textContent is not supported in old IE versions. 旧的IE版本不支持textContent 。 A cross-browser compatible way is: 跨浏览器兼容的方式是:
output2[document.textContent === null ? 'textContent' : 'innerText'] = attrValue;
// OR
output2.innerHTML = ''; // Empty contents
output2.appendChild(document.createTextNode(attrValue));
If you still want to decode the entities, then the following will work: 如果您仍想解码实体,则可以进行以下操作:
// <b> -> <b>
function decode(strHTML) {
var tmp = document.createElement('div');
tmp.appendChild(document.createTextNode(strHTML));
return tmp.innerHTML;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.