Menu
I have a user form. If the user types in a string with ' or " as part of it I have no problem. The form is submitted and saved correctly to the database. My problem is when I reload the page (all entries can be modified and are loaded into a list in the JSP before being displayed). On loading the page I get an error saying:
missing ) after argument list 'Caroline's message', \n What do I need to do to escape this string for displaying it on the frontend?
Here is the code I am using on the frontend to read in the data and store it in a JavaScript object. I am not fully sure where I need to escape. The field causing the problem is c.getComName:
communications[<%=i%>][1] = new CommObject('<%=c.getComId()%>', '<%=c.getComName()%>'); UPDATED WITH HTML GENERATED:
communications[0][1] = new CommObject('101', 'Caroline's Message'); 
287
Using the Escape Character ( \ ) We can use the backslash ( \ ) escape character to prevent JavaScript from interpreting a quote as the end of the string. The syntax of \' will always be a single quote, and the syntax of \" will always be a double quote, without any fear of breaking the string.
Most people enclose PowerShell strings between apostrophes, but you can just as easily enclose a string inside quotation marks. Both are perfectly valid techniques. As such, if you know that you need to include an apostrophe within a string, then enclose the string with quotation marks.
In the HTML we use double-quotes and in the JavaScript single-quotes, so any quotes within the JavaScript code will need to be escaped so that they don't conflict with either the HTML or JavaScript quotes.
I prefer to avoid scriptlets in the middle of my page and was having to use them (increasingly often) to escape strings when used in JavaScript code. I wanted an Expression Language (EL) way of escaping the strings. I created a very small custom taglib that I use for just this purpose:
Utilities.java:
package com.mycom.taglibs; import org.apache.commons.lang.StringEscapeUtils; public class Utilities { public static String escapeJS(String value) { return StringEscapeUtils.escapeJavaScript(value); } } mytaglib.tld:
<?xml version="1.0" encoding="UTF-8" ?> <taglib xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd" version="2.0"> <description>My Tag Library</description> <display-name>Tag Utils</display-name> <tlib-version>1.1</tlib-version> <short-name>myt</short-name> <function> <description> JavaScript Escape function </description> <name>escapeJS</name> <function-class>com.mycom.taglibs.Utilities</function-class> <function-signature>java.lang.String escapeJS(java.lang.String)</function-signature> </function> </taglib> And, in the JSP page:
<%@ taglib prefix="myt" uri="/WEB-INF/mytaglib.tld" %> The escaped string is: ${myt:escapeJS(variableHoldingTheString)} If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
