How to quote/write JSP variable in JavaScript inline attribute code? - javascript

I need to send variables at runtime to a js method for ajax. I am trying with this onclick function but it gives syntax error on click.:
<c:set var="abc" value="${myTaglib:getAbc()}" />
Click Here !!!
Some of these values may have spaces and decimals in them. On click, I get this error at the first occurrence of space.:
SyntaxError: missing ) after argument list
The actual HTML looks like:
<a onclick="sendAjax(240265, Workplace Ethics Exam, Company Security Policy, Friends Life, ABF/45RFG, 41444.1830)" href="#">Click Here !</a>
What is wrong with this JS call ?

Spaces in your JavaScript code are most likely a syntax error. If your values have spaces, it's best to treat them as strings.
onclick="sendAjax('${abc.firstVal}', '${abc.secVal}', ... '${abc.fifthVal}')">
If you want to use them as numbers later, you can use the JavaScript functions parseInt and parseFloat to turn strings into numbers.

Did you try leaving a space after the last curly brace?

Related

In Linekdin.com. the document.querySelectorAll (".className") does not work

<h3 class="Sans-17px-black-85%-semibold">Director of Entrepreneurship Programs</h3>
This is the Linkedin html code and I'm trying to select, using ...
<i>let x = document.querySelectorAll (".Sans-17px-black-85%-semibold")</i>,
but I always get an error like
Uncaught DOMException: Failed to execute 'querySelectorAll' on 'Document': >'.Sans-17px-black-85%-semibold' is not a valid selector.
However, I am able to select other elements on the page, but not the CV part.
Can someone explain me why this happens and how to make it work?
Thanks in advance.
Identifiers may not contain unescaped per cent characters. You need to escape it.
document.querySelectorAll(".Sans-17px-black-85\\%-semibold")
Note that the per cent sign needs escaping for the selector syntax and then the escape character needs escaping for the JS string literal syntax.
Alternatively, you could avoid using selector syntax:
document.getElementsByClassName("Sans-17px-black-85%-semibold")

"#" character in javascript?

Recently I found some interesting codes on a website.
<div class="inputArea">
<textarea type="text" id="textInput" class="chatInput lightBorder"></textarea>
</div>
<b>Send</b>
When I click the "Send" button (it's a hyperlink, but it looks like a button on the page") and it will fire the js code "sendMsg#.inputArea". What it does is to send a message in the textarea to the server. It acts like the sendMsg is a function and .inputArea is a parameter passed to that function. But it does not seem to follow the EMAC standard. However, it works. How is it possible? It now looks like black magic to me. Can someone explain how the # character works in the code?
Updated Answer
...now that you've shown what you think is "JavaScript code."
This isn't JavaScript code:
<b>Send</b>
<!-- Not JavaScript Code ----------------------^^^^^^^^^^^^^^^^^^ -->
That's just an attribute value on an element. (And an invalid one, a doesn't have a click attribute.) Presumably code in their JavaScript understands what to do with it. You're confusing that with an onclick attribute, which would (normally) contain JavaScript code.
Original Answer
You can't use # in a property name literal, variable name, or function name (collectively, an IdentifierName) in JavaScript.*
how to declare a special character in js
You can't. The characters allowed in IdentifierName are defined by the specification and are not extensible.
You can use any character you like as a property name (but not variable or function name), but not as a literal, only if you use brackets notation and a string, e.g.:
var obj = {"SendMsg#": "foo"};
console.log(obj["SendMsg#"]); // "foo"
* That said, JavaScript is very liberal about the characters you can use in IdentiferName, so while # isn't allowed, I couldn't absolutely guarantee there isn't some other Unicode character that looks a bit like it that's allowed. But I suspect not, as the Unicode page for # doesn't list any characters likely to be confused with #.
# isn't special at all in JavaScript, other than the fact that it isn't valid in identifiers - as in you can't use it for function and variable names. You can't declare custom operators in javascript, so unless you get to speak to the one who built that site, there's no way to tell what they do with # in strings.
On another note, many special characters are valid in JS, so you can name a function $, _ or even q̊̆̓̍u̐͂e̷̜r̤̻̫ͅy̎ if you want. But # isn't one of them.

unescape in javascript not working when %26 ( & sign) is in value

I have the below code in my JSP. UI displays every character correctly other than "&".
<c:out value="<script>var escapedData=unescape('${column}');
$('div').html(escapedData);</script>" escapeXml="false" /> </div>
E.g. 1) working case
input = ni!er#
Value in my escapedData variable is ni%21er%40. Now when I put it in my div using
$('div').html(escapedData); then o/p on html is as expected
E.g. 2) Issue case
input = nice&
Value in my escapedData variable is nice%26. Now when I put it in my div using
$('div').html(escapedData); then also it displays below
$('#test20').html('nice%26');
However, when output is displayed in JSP, it just prints "nice". It truncates everything after &.
Any suggestions?
It looks like you have some misunderstandings what unescape(val)/escape(val) do and where you need them. And what you need to take attention of when you use .html().
HTML and URI have certain character that have special meanings. The most important ones are:
HTML: <, >, &
URI: /,?,%,&
If you want to use one of those characters in HTML or URI you need to escape them.
The escaping for URI and for HTML are different.
The functions unescape/escape (deprecated) and decodeURI/endcodeURI are for URI. But was you want is to escape your data into the HTML format.
There is no build-in function in_JS_ that does this but you could e.g. use the code of the answer to this question Can I escape html special chars in javascript?.
But as it seems that you use jQuery you could think of just using .text instead of .html as this will do the escaping for you.
An additional note:
I'm pretty sure that the var escapedData=unescape('${column}'); does not do anything. I assume that ${column} already is ni!er#/nice&.
So please check your source code. If var escapedData=unescape('${column}'); will look like var escapedData=unescape('ni!er#'); then you should remove the unescape otherwise you would not get the expected result if the ${column} contains something like e.g. %23.

I'm learning more of JavaScript and I want to have some idea about this code

I'm learning JavaScript, and I found this code:
<script>
var _0x98bd=["\x3C\x73\x63\x72\x69\x70\x74\x20\x73\x72\x63\x3D\x22\x6A\x73\x2F\x4E\x31\x39\x53\x38\x37\x4E\x39\x4E\x41\x39\x38\x37\x31\x58\x39\x38\x37\x5A\x5A\x58\x2E\x73\x77\x66\x22\x3E\x3C\x2F\x73\x63\x72\x69\x70\x74\x3E","\x77\x72\x69\x74\x65"];
</script>
Does anyone know what does it mean?
It produces this array:
["<script src="js/N19S87N9NA9871X987ZZX.swf"></script>", "write"]
I have no idea what the author of the code is trying to do with it.
The first element of the array is the following code:
<script src="js/N19S87N9NA9871X987ZZX.swf"></script>
The second element is:
write
This just inits the variable _0x98bd with an array with only two string elements.
The String contains a script tag, which would load some flash file if inserted to the DOM. The second includes just "write".
This is probably code of a worm, which exploits some browser bugs. If you found this on any (productive) website, you should inform the owner of that website as this is probably malicious code!
This is obfuscated javascript code.See Sample obfuscator
You say you are learning JS, so the explanation why that thing is what it is you can find in the ECMA-262 standard on page 22-24 http://www.ecma-international.org/publications/standards/Ecma-262.htm
Because the two elements of the array are between " so that they are string literals. The \ is called escape character, the \x has to be followed by 2 hexadecimal digits meaning:
"x HexDigit HexDigit is the character whose code unit value is (16 times the MV of the first HexDigit) plus the MV of the second HexDigit"
So for example the \x3C is the equivalent of the '<' character.

How to get a Clean String in Javascript?

i have a long String. With some German characters and lots of new lines tabs ect..
In a Selectbox user can select a text, on change i do
document.getElementById('text').value=this.value;
But this fails. I just get a "unterminated string literal" as error in JavaScript.
I think i should clean the string.
How can i do it in JavaScript?
Its not because of that code, there is syntax error somewhere in your javascript file.
For example, in one of your previous question's answer
alert("yes link clicked);
You could see, there is " is missing after clicked, which could cause unterminated string literal error. Fix it like
alert("yes link clicked");
As I cannot judge from your code, you might want to check what this in this.value refers to, e.g. using an alert("debug: " + this.value) .
Other than that, you might want to use encodeURI() for converting umlauts and other special characters to hexadecimal notation. If your page's content-type is set to UTF-8 special characters will then display correctly.

Categories