Menu
I am currently working on my final thesis.I have a small problem.I need to pass a HTML block which is a string block to a javascript function.I have to do this from code behind.I have tried it so much I doesnt seem as it is going to work.Here is the code in code-behind:
string htmlFlightDetailsJavaScript ;
In the string there are few div and tables which have class propeties. something like div class="bla"
ClientScriptManager cs = Page.ClientScript;
StringBuilder csText = new StringBuilder();
csText.Append("fill("+htmlFlightDetailsJavaScript+");");
cs.RegisterStartupScript(this.GetType(), "alert", csText.ToString(), true);
Here is my javascript function:
function fill(b)
{
alert(b);
}
Note that my javascript function is on the ~.aspx.
I have tried to pass the string without classes which are in the div and the table in string and it is working.But when I try to pass it with the classes,it does not work.Can anyone help me?
Thank you very much
907
This sounds like invalid Javascript is being generated.
This hypothesis can be verified with inspecting the actual Javascript transmitted and verifying the entire result, in context, for correctness.
That is, imagine that this invalid Javascript was generated:
alert("<div class="I just broke JS" ...>")
To fix this, ensure the strings literals inserted into the Javascript are valid.
For instance, the above might be written (using the following code) as:
RegisterClientScriptBlock(JsEncoder.Format(@"alert(""{0}"");", theInput))
...and it won't break because the string is escaped before. (Take a look at this output and compare: the inserted literal will be still valid Javascript, even with quotes or other characters in the theInput. As an added bonus, </script> to break the code either ;-)
This code is "free to use, modify, sell, whatever". YMMV.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.RegularExpressions;
namespace sbcjc.sei
{
public class JsEncoder
{
static Regex EncodeLiteralRegex;
// Format a bunch of literals.
public static string Format (string format, params object[] items)
{
return string.Format(format,
items.Select(item => EncodeString("" + item)).ToArray());
}
// Given a string, return a string suitable for safe
// use within a Javascript literal inside a <script> block.
// This approach errs on the side of "ugly" escaping.
public static string EncodeString (string value)
{
if (EncodeLiteralRegex == null) {
// initial accept "space to ~" in ASCII then reject quotes
// and some XML chars (this avoids `</script>`, `<![CDATA[..]]>>`, and XML vs HTML issues)
// "/" is not allowed because it requires an escape in JSON
var accepted = Enumerable.Range(32, 127 - 32)
.Except(new int[] { '"', '\'', '\\', '&', '<', '>', '/' });
// pattern matches everything but accepted
EncodeLiteralRegex = new Regex("[^" +
string.Join("", accepted.Select(c => @"\x" + c.ToString("x2")).ToArray())
+ "]");
}
return EncodeLiteralRegex.Replace(value ?? "", (match) =>
{
var ch = (int)match.Value[0]; // only matches a character at a time
return ch <= 127
? @"\x" + ch.ToString("x2") // not JSON
: @"\u" + ch.ToString("x4");
});
}
}
}
Happy coding.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With