c# - Best way to put user input into generated javascript? -
I should be able to put some pages in one page and then it is sent to the server, saved in Databases and otherwise where this text is inserted into a javascript variable.
Basically like this:
("var myVar = \" "+ MyData +" \ ";");
What is the best way to avoid this data? Is there anything already to deal with things like '
and "
and new lines? Is Base 64 my only option?
My Server SideWare / Language ASP.Net/C #
You should use:
Write ("var myVar =" + Encoder.JavaScriptEncode (MyData, true) + ";");
If you do not want to reference the library, Function can be used (optimized from .NET Source):
public Thir zero QuoteString (this string value, stringbilder b) {if (String.IsNullOrEmptEx (value)) var b = new StringBuilder ()); int for startIndex = 0; int count = 0; (int i = 0 ; I & lt; value.Length; i ++) {char c = value [i]; // Add unchecked characters (which do not require special trinitus) // string builder when special characters are detected If (c == '\ r' || c == '\ t' || c == '\ "' || c == '\' '| | C ==' & lt; '| | C == '& gt;' || C == '\\' || C == '\ n' || C == '\ B' || C == '\ f' || C & lt; '') {If (b == null) {b = new stringbuilder (value.Length + 5); } If (calculation> gt; 0) {b.Append (value, startup, calculation); } StartIndex = I + 1; Calculation = 0; } Switch (C) {case '\ r': b.Append ("\\ r"); break; Case '\ t': b.Append ("\\ t"); break; Case '\ "': b.Append (" \\\ ""); break; The case '\\': b.Append ("\\\\"); break; Case '\ n': b.Append ("\\ n"); break; Case '\ b': b.Append ("\\ b"); break; Case '\ f': b.Append ("\\ f"); break; Case '\': Case '& gt;': Case '& lt;': Attendant Yuod (B, C); break; Default: If (C & lt; '') {AppendureUNUICIDAD (B, C); } And {count ++; } break; }} If (B == empty) {b.Append (value); } If (calculation> gt; 0) {b.Append (value, startup, calculation); } Return b.ToString (); }
Comments
Post a Comment