Struts2表单输入中的JSP2表达式 [英] JSP2 expression in Struts2 form input
问题描述
我已经开始使用JSP和Struts2.我已经阅读了许多教程和规范,现在我正在尝试使用Struts2,JSP2 EL和创建自定义taglib的非常简单的应用程序.
I’ve started playing around with JSPs and Struts2. I’ve read through a bunch of tutorials and specs, and now I’m trying my hand at a very simple application using Struts2, JSP2 EL, and creating a custom taglib.
我想做的是创建一个简单的可重用的登录控件.我已经创建了一个JSP,它将检查会话以查看用户是否已登录,如果没有显示登录页面.
What I am trying to do is create a simple reusable login control. I’ve created a JSP that will check the session to see if a user is logged in, and if not display a login page.
我遇到的问题是我似乎无法将retPage属性作为一个值输入到login.tag中的隐藏输入字段中.照原样,出现以下错误"/WEB-INF/tags/login.tag(14,1)根据标签文件中的TLD或属性指令,属性值不接受任何表达式" .如果将sourcePage的值设置为空字符串,则其他所有功能都可以正常工作.
The issue I am having is I can’t seem put the retPage attribute in login.tag as a value in a hidden input field. As is, I get the following error "/WEB-INF/tags/login.tag(14,1) According to TLD or attribute directive in tag file, attribute value does not accept any expressions". If I set the value of sourcePage to an empty string, everything else works fine.
我已经对此错误进行了一些谷歌搜索,似乎表明我没有使用我想使用的JSP版本(我认为我正在使用JSP 2,但是此错误似乎是由于JSP 1.2尝试而发生的解释JSP2 EL语句).但是,如果我不使用JSP 2,我会以为所有JSP EL语句都会失败,而事实并非如此.
I’ve done some googling for this error, and it seems to indicate I am not using the version of JSP I think I am (I think I’m using JSP 2, but this error seems to occur from JSP 1.2 trying to interpret JSP2 EL statements ). However if I wasn’t using JSP 2, I would have thought that all JSP EL statements would fail, which is not the case.
如何在login.tag中将retPage属性设置为隐藏输入字段的值?
How can I set my retPage attribute in login.tag to be the value of a hidden input field?
我确实觉得我对这些东西掌握得非常微不足道.因此,如果所有这些都不合时宜,请告诉我.
I do feel like I have a very tenuous grasp on this stuff. So if all of this is way off base, please let me know.
任何帮助将不胜感激.谢谢你.
Any help would be greatly appreciated. Thank you.
index.jsp
index.jsp
<?xml version="1.0" encoding="UTF-8" ?>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Welcome</title>
</head>
<body>
<%@ include file="auth.jsp" %>
<div> Welcome to My Test Page</div>
</body>
</html>
auth.jsp:
<?xml version="1.0" encoding="UTF-8" ?>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<s:head />
</head>
<body>
<s:if test="! #session['authenticated']" >
<%
StringBuffer url = request.getRequestURL();
String ns = "myTest/";
int sidx = url.lastIndexOf( ns );
int tidx = url.indexOf( "?");
if( 0 > tidx )
{
tidx = url.length();
}
String retPage = url.substring( sidx + ns.length(), tidx );
%>
<jsp:forward page="login.jsp" >
<jsp:param name="page" value="<%=retPage%>" />
</jsp:forward>
</s:if>
</body>
</html>
login.jsp:
login.jsp:
<?xml version="1.0" encoding="UTF-8" ?>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib prefix="sj" uri="/struts-jquery-tags"%>
<%@ taglib prefix="ml" tagdir="/WEB-INF/tags" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Please login</title>
<s:head />
<sj:head />
</head>
<body>
<div id="login">
<ml:login retPage="${param.page}" />
</div>
</body>
</html>
login.tag:
login.tag:
<%@ tag body-content="empty" %>
<%@ attribute name="retPage" required="true" %>
<%@ taglib prefix="s" uri="/struts-tags" %>
<s:head />
<s:form action="login" theme="xhtml">
<div>
Please login.
Ret0: ${retPage}
</div>
<s:textfield name="user.userName" label="Username" />
<s:hidden name="sourcePage" value="${retPage}" />
<s:submit />
</s:form>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>myTest</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
推荐答案
根据标签文件中的TLD或属性指令,属性值不接受任何表达式.
According to TLD or attribute directive in tag file, attribute value does not accept any expressions.
默认情况下,您不能将JSP EL表达式传递给Struts2标记.这样做是出于安全目的.如果愿意,可以复制struts-tags.tld并将所有标签的<rtexprvalue>设置为true.但是,您应该意识到允许标记同时接受JSP EL和OGNL表达式所涉及的安全漏洞.
By default you cannot pass a JSP EL expression to a Struts2 tag. This is done for security purposes. If you wanted to, you could make a copy of struts-tags.tld and set <rtexprvalue> to true for all of the tags. However, you should be aware of the security vulnerability involved in allowing tags to accept both JSP EL and OGNL expressions.
在调用标签处理程序之前先评估JSP EL,然后在标签内部评估OGNL.这样,如果${retPage}计算为OGNL表达式,则该标签可能会完成您意想不到的事情.
JSP EL is evaluated prior to invoking the tag handler, OGNL is evaluated afterwards (inside the tag). As such, if ${retPage} evaluated to an OGNL expression, then the tag may wind up doing something you didn't expect.
对于隐藏的表单字段,只需使用等效的HTML.
For the case of a hidden form field, just use the HTML equivalent.
这篇关于Struts2表单输入中的JSP2表达式的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
