JavaScript removes slash from JSP variable

Question

JavaScript removes slash from JSP variable

Have the JSP ${remoteFolder} variable

Value \\ file-srv \ demo

Use jQuery built into this JSP.

jQuery resolves the ${remoteFolder} variable as \ file-srvdemo , i.e. one slash is removed.

How to save the initial value of this var?

edited : when ${remoteFolder} used inside the form tag, it allowed OK.

edited2:

JS part of JSP, slashes are deleted.

  <script> var oScript = document.createElement("script"); oScript.type = "text/javascript"; oScript.text = "var $j = jQuery.noConflict();"; oScript.text+= "$j(document).ready(function(){"; ... oScript.text+= "'script':'<%= request.getContextPath() %>/uploadFile?portletId=${portletId}&remoteFolder=${remoteFolder}',"; ... oScript.text+= "});"; document.body.appendChild(oScript); </script>

edited3:

earlier use of ${remoteFolder} var, everything was ok with the slash <form enctype = "multipart / form-data" method = "post" target = "uploadFrame" action = "<% = request.getContextPath ()%> / uploadFile? portletId = $ {portletId} & remoteFolder = $ {remoteFolder} ">

+4

javascript variables jsp escaping slash

sergionni Feb 15 '10 at 11:37

source share

4 answers

This is JavaScript, not jQuery. You will need to avoid any backslash that you want to keep when creating JavaScript string literals using an optional backslash.

+2

Tim down Feb 15 '10 at 11:41

source share

I find that I cannot write a serious web application without having my own EL function library with some critical functions. Among them is "jsQuote" (or "escapeJS", depending on what mood I am in), the purpose of which is to "protect" extended strings so that they can be dumped into Javascript string constants. It is similar to fn:escapeXml() , but instead of the target HTML syntax, it targets Javascript. Typically, you need to check for backslashes, quotation marks, newlines, and other common control characters, and then any characters outside the 7-bit print range. With such a function, you can always safely do something like this:

 <script> // ... var s = 'A string ${yourLib:escapeJS(some.java.bean.property)} constant'; // ... </script>

I really want such a thing to become part of the JSTL standard, but I don't hope so. Fortunately, it is very easy to write.

+2

Pointy Feb 15 '10 at 13:31

source share

Try setting $remotefolder to \\\\ file-srv \\ demo since javascripts interprets \ escape char, thereby requiring \\ to print \.

+1

kb. Feb 15 '10 at 11:41

source share

Balusc · Accepted Answer · 2010-02-15T13:30:06+0000

There are two problems here.

First, \ is an escape character in JS strings. If you want to represent \ in the JS line, you need to get away from it twice: \\ . The easiest way is to use JSTL fn:replace for this.

 var jsVariable = "${fn:replace(javaVariable, '\\', '\\\\')}";

Secondly, you want to send it as a URL parameter. \ is an illegal character in the URL parameter. You need to URL encode it. The easiest way is to use the Javascript escape() function to do this.

 var urlParameter = escape(jsVariable);

Summarizing,

 oScript.text+= "'script':'<%= request.getContextPath() %>/uploadFile?portletId=${portletId}&remoteFolder=${remoteFolder}',";

must be replaced by

 oScript.text += "'script':" + "'${pageContext.request.contextPath}/uploadFile" + "?portletId=${portletId}" + "&remoteFolder=" + escape("${fn:replace(remoteFolder, '\\', '\\\\')}") + "',";

Alternatively, you can use / instead of \ as a file path separator. This works fine on Windows as well. You do not need to avoid them for use in strings, however you still need to URL-encode it.

 oScript.text += "'script':" + "'${pageContext.request.contextPath}/uploadFile" + "?portletId=${portletId}" + "&remoteFolder=" + escape("${remoteFolder}") + "',";

JavaScript removes slash from JSP variable

More articles: