Consider the following piece of JSP:
<param name="FlashVars" value="${flashVars}" />
The value of ${flashVars} contains ampersands and needs to be encoded before it is output. Instead, JSP expects the value of ${flashVars} to be a piece of HTML and outputs the ampersands verbatim, resulting in bad HTML.
I found out that I can get the value to be encoded if I write it like this:
<param name="FlashVars" value="<c:out value="${flashVars}"/>" />
But this looks really ugly and confuses my IDE to boot. 开发者_高级运维Is there a better way to get the same result?
Use fn:escapeXml().
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
...
<param name="FlashVars" value="${fn:escapeXml(flashVars)}" />
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论