Quotes issue...

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • EdUarDo

    Quotes issue...

    I think it's a common problem, but I haven't found answers for it.
    I have a sentence (mixture of HTML, Javascript and JSTL) like this:

    <a href='javascrip t:selectItem('$ {item.code}', '${item.alias}' );
    ${item.alias}
    </a>

    ${item.alias} is a JSTL way to get a String from a parameter
    that may contains single or double quotes.

    If the string contains single quotes I get an error because the
    sentence is not well formed. But if I use double quotes and the
    string have double quotes I'll get the same error.

    What is the way to solve this issue? Is there any?
  • RobG

    #2
    Re: Quotes issue...

    EdUarDo wrote:[color=blue]
    > I think it's a common problem, but I haven't found answers for it.
    > I have a sentence (mixture of HTML, Javascript and JSTL) like this:
    >
    > <a href='javascrip t:selectItem('$ {item.code}', '${item.alias}' );
    > ${item.alias}
    > </a>
    >
    > ${item.alias} is a JSTL way to get a String from a parameter
    > that may contains single or double quotes.
    >
    > If the string contains single quotes I get an error because the
    > sentence is not well formed. But if I use double quotes and the
    > string have double quotes I'll get the same error.
    >
    > What is the way to solve this issue? Is there any?[/color]

    As a guess (I can't test it right now), replace any double
    quotes in "item.alias " with "%22" and single quotes with "%27".

    The in your javascript, unescape the strings before you use
    them. The following shows the principle (the encoding will
    occur on your server I guess?):

    <form action="">
    <input type="text" value="'" name="txt"><br>
    <input type="button" value="encode" onclick="
    this.form.code. value = escape(this.for m.txt.value);
    "><br>
    <input type="text" name="code"><br >
    <input type="button" value="decode" onclick="
    alert(unescape( this.form.code. value));
    ">
    <input type="reset">
    </form>



    --
    Rob

    Comment

    • EdUarDo

      #3
      Re: Quotes issue...

      [color=blue]
      > As a guess (I can't test it right now), replace any double
      > quotes in "item.alias " with "%22" and single quotes with "%27".
      >
      > The in your javascript, unescape the strings before you use
      > them. The following shows the principle (the encoding will
      > occur on your server I guess?):[/color]

      This doesn't work for me.
      At server I've replaced all single and double quotes with %27 and %22
      respectively.

      And my client page have this code:

      <tr>
      <td align="left">
      <a href="javascrip t:
      selectItem('${i tem.code}', '${item.alias}' , '${item.descrip tions[SPANISH]}', '${item.descrip tions[ENGLISH]}');">
      ${item.alias}
      </a>
      </td>
      <td align="center"> ${item.code}</td>
      <td align="center"> ${item.descript ions[SPANISH]}</td>
      <td align="center"> ${item.descript ions[ENGLISH]}</td>
      <td align="left">${ item.tableName} </td>
      </tr>

      Once it's processed, the resulting code is:

      <tr>
      <td align="left">
      <a href="javascrip t:selectItem('1 440000002', '03', 'elemento%27uno ', 'elemento%27uno ');">
      03
      </a>
      </td>
      <td align="center"> 1440000002</td>
      <td align="center"> elemento%27uno</td>
      <td align="center"> elemento%27uno</td>
      <td align="left">ta bla1</td>
      </tr>

      When I click on the link (a href) I get this error

      Error: missing ) after argument list
      Source File: javascript:sele ctItem('1440000 002', '03', 'elemento%27uno ', 'elemento%27uno ');
      Line: 1, Column: 50
      Source Code:
      selectItem('144 0000002', '03', 'elemento'uno', 'elemento'uno') ;
      ------------------------------------------^

      Also I have tried to unescape the descriptions but with the same results.

      Comment

      • Richard Cornford

        #4
        Re: Quotes issue...

        EdUarDo wrote:[color=blue][color=green]
        >> As a guess (I can't test it right now), replace any double
        >> quotes in "item.alias " with "%22" and single quotes with "%27".
        >>
        >> The in your javascript, unescape the strings before you use
        >> them. The following shows the principle (the encoding will
        >> occur on your server I guess?):[/color]
        >
        > This doesn't work for me.
        > At server I've replaced all single and double
        > quotes with %27 and %22 respectively.[/color]
        <snip>

        It wouldn't, that is URL encoding. For javascript you want to use
        javascript escape sequences within strings. Escape sequences begin with
        a backslash followed with an 'x' then a two digit hexadecimal number
        (the character code in hex) or with a 'u' followed by the four digit
        hexadecimal Unicode character code. I don't have time to look up the
        values for quote characters but they should be easy to work out form the
        ECMA Script language specification (or any decent javascript reference)
        (but I would guess (hex) - \x27 - and - \x22 -, or (Unicode) - \u0027 -
        and \u2200 - if the URL encoding is correct).

        Richard.


        Comment

        Working...