stackoom
  简体   繁体   中英

Can we use scriptlets inside Javascript?

 原文  2015-07-31 05:01:09       javascript/ jsp/ scriptlet

Question

Here is my Code:

<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<%@page import="java.sql.*"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Example of Java Server Page with JDBC</title>
    </head>
<script>
function myFunction() {
    var x='<% request.getParameter("ServerName"); %>';
    alert(x);
</script>
<body>
<form>
    ServerName:  <input type="text" name="ServerName"   required> <br><br>
<input type="submit" id="btnSubmit" name="btnSubmit" />
            </div>
            </form>
  </body>
</html>

Here in the above function onclick of a button i want to execute the scriptlets which is inside javascript?

2 answers

solution1
 1  2015-07-31 05:13:59

It sounds like you are placing the JSP code within a JavaScript page, or at least in a non-JSP page. Scriptlets can only be included in a JSP page (typically configured to be *.jsp).

The statement as presented, if processed by the JSP compiler, would result in myVar being equal to '' as the scriptlet format you are using <% ... %> executes Java code between the tags, but does not return a result.

So, to use this tag you would need to manually write a value to the request output stream. To get the desired functionality you need to do the following:

make sure your code is in a JSP page, if yes then 

function myFunction() {
    var x= '&lt;%= request.getContextPath() %&gt;'; //(note the equals sign)
    alert(x);
}

With all that said, scriptlets are viewed as bad practice in most cases. For most cases, your should be using JSTL expressions and custom tags.

solution2
 1  2015-07-31 14:30:06

you can also use this: 

<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<%@page import="java.sql.*"%>
<%
String ServerName = (String)request.getParameter("ServerName");
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
   "http://www.w3.org/TR/html4/loose.dtd">
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Example of Java Server Page with JDBC</title>
    </head>
<script>
function myFunction() {
    var x='<%=ServerName%>';
    alert(x);
</script>
<body>

    ServerName:  <input type="text" name="ServerName"   required> <br><br>
<input type="submit" id="btnSubmit" name="btnSubmit" />
            </div>
            </form>
  </body>
</html>

solution3
 1  2015-07-31 14:35:39

You can, but if you want the result to be passed to the JavaScript you have to output something. 

var x='<%= request.getParameter("ServerName"); %>';
         ^ output!

… and unless you take measures to escape that data, you render yourself vulnerable to XSS attacks.

(And, obviously, this won't work until the form is actually submitted)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Can we use a predefined function inside a custom function in JavaScript? Can we use atob() or btoa() javascript functions inside script mediator (language : javascript ) of WSO2 ESB? Can we use javascript in C#? Can we use libemu library in JavaScript Can we use GoJS library offline in Javascript? How we can use pipes in React JavaScript? Can we use function as a return statement in javascript? can we use a variable to declare a div in JAVASCRIPT? Passing a variable from Scriptlets to Javascript. How can we put HTML lists inside a JavaScript array?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM