我正在使用此代码创建一个javascript代码字符串,并从后面的C#代码运行它们。
它对于正常值工作正常,但在值中存在'(撇号)时断开。
StringBuilder sb = new StringBuilder();
sb.Append("<script>");
// Store transmission chrome feature.
for(int i=0; i < Transmission.Length; i++)
{
sb.Append("var obj = {text: '" + Transmission[i][0] + "',"
+ "value: '" + Transmission[i][1] +"'};");
sb.Append("transChromeData.push(obj);");
}
sb.Append("</" + "script>");
this.RegisterStartupScript("Info", sb.ToString());
答案 0 :(得分:0)
如果有人添加\
作为值,它也会中断。您需要转义会破坏Javascript字符串的字符 - HttpUtility.JavaScriptStringEncode将为您执行此操作:
StringBuilder sb = new StringBuilder();
sb.Append("<script>");
// Store transmission chrome feature.
for(int i=0; i < Transmission.Length; i++)
{
sb.Append("var obj = {text: '" + HttpUtility.JavaScriptStringEncode(Transmission[i][0]) + "',"
+ "value: '" + HttpUtility.JavaScriptStringEncode(Transmission[i][2]) +"'};");
sb.Append("transChromeData.push(obj);");
}
sb.Append("</" + "script>");
this.RegisterStartupScript("Info", sb.ToString());
对于过时的.NET版本,您需要自己动手。 Rick Strahl有good implementation,涵盖了不同的JS角色:
public static string EncodeJsString(string s)
{
StringBuilder sb = new StringBuilder();
sb.Append("\"");
foreach (char c in s)
{
switch (c)
{
case '\"':
sb.Append("\\\"");
break;
case '\\':
sb.Append("\\\\");
break;
case '\b':
sb.Append("\\b");
break;
case '\f':
sb.Append("\\f");
break;
case '\n':
sb.Append("\\n");
break;
case '\r':
sb.Append("\\r");
break;
case '\t':
sb.Append("\\t");
break;
default:
int i = (int)c;
if (i < 32 || i > 127)
{
sb.AppendFormat("\\u{0:X04}", i);
}
else
{
sb.Append(c);
}
break;
}
}
sb.Append("\"");
return sb.ToString();
}
答案 1 :(得分:0)
使用Microsoft JScript转义功能
Microsoft.JScript.GlobalObject.escape("String to escape");
编辑以下的
StringBuilder sb = new StringBuilder();
sb.Append("<script>");
// Store transmission chrome feature.
for(int i=0; i < Transmission.Length; i++)
{
sb.Append("var obj = {text: '" + Microsoft.JScript.GlobalObject.escape(Transmission[i][0]) + "',"
+ "value: '" + Microsoft.JScript.GlobalObject.escape(Transmission[i][1]) +"'};");
sb.Append("transChromeData.push(obj);");
}
sb.Append("</" + "script>");
this.RegisterStartupScript("Info", sb.ToString());
或者你可以使用
HttpUtility.UrlDecode
但不安全
在asp.net 1.1上尝试使用此处建议的代码 http://www.west-wind.com/weblog/posts/2007/Jul/14/Embedding-JavaScript-Strings-from-an-ASPNET-Page
答案 2 :(得分:0)
试试这个:
StringBuilder sb = new StringBuilder();
sb.Append("<script>");
// Store transmission chrome feature.
for (int i = 0; i < Transmission.Length; i++)
{
sb.Append("var obj = {text: '")
.Append(Escape(Transmission[i][0]))
.Append("',")
.Append("value: '")
.Append(Escape(Transmission[i][1]))
.Append("'};")
.Append("transChromeData.push(obj);");
}
sb.Append("</script>");
this.RegisterStartupScript("Info", sb.ToString());
...
static string Escape(string source)
{
return source.Replace(@"'", @"\'");
}