1

我在asp Gridvidiew中有以下代码:

<asp:HyperLink ID="hlPSTNNum"  CssClass="OrdRef" Text='<%# DataBinder.Eval(Container.DataItem, "PSTNNum")%>'  runat="server" ToolTip='please click here to view the full record details'
NavigateUrl='<%#"https://THE URL IS HERE Searches/advancedsearchresults.asp?supplierid=" + Eval("Supplierid") + "&amp;display1=IS%20Number&amp;display2=Supplier&amp;display3=Product&amp;display4=Supplier%20Order%20Number&amp;order1=order%20date&amp;pstnnum=" + Eval("PSTNNum")%>' />

我认为 Visual Studio 2012 正在使用查询字符串部分中的分号(来自 "pstnnum=" + Eval("PSTNNum")%>' />" 我试图用 \ 来逃避它们(这让 VS 很高兴),但是浏览器在每次转义时都会留下一个斜杠。

不确定这里的最佳实践,因为我仍在削减我的编码牙齿......

4

2 回答 2

0

我认为更合适的方法是这样的:

<asp:HyperLink ID="hlPSTNNum"
    CssClass="OrdRef"
    Text='<%# DataBinder.Eval(Container.DataItem, "PSTNNum")%>'
    runat="server"
    ToolTip='please click here to view the full record details'
    NavigateUrl='<%#Server.HtmlEncode("https://THE URL IS HERE Searches/advancedsearchresults.asp?supplierid=" + Eval("Supplierid") + "&display1=IS Number&display2=Supplier&display3=Product&display4=Supplier Order Number&order1=order date&pstnnum=" + Eval("PSTNNum"))%>' />

请注意使用,Server.HtmlEncode然后使用您想要的实际值,而不是直接编码的值。这将使在 Visual Studio 中构建变得容易,但要确保它在呈现时得到编码。

编辑

在对 Microsoft 的代码进行更多研究后,我发现该类的基本RenderContents方法将为您进行编码。HyperLink该方法在内部调用另一个名为的方法,ResolveClientUrl如下所示:

public string ResolveClientUrl(string relativeUrl)
{
    if (this.DesignMode && this.Page != null && this.Page.Site != null)
    {
        IUrlResolutionService urlResolutionService = (IUrlResolutionService)this.Page.Site.GetService(typeof(IUrlResolutionService));
        if (urlResolutionService != null)
        {
            return urlResolutionService.ResolveClientUrl(relativeUrl);
        }
    }
    if (relativeUrl == null)
    {
        throw new ArgumentNullException("relativeUrl");
    }
    string virtualPathString = VirtualPath.GetVirtualPathString(this.TemplateControlVirtualDirectory);
    if (string.IsNullOrEmpty(virtualPathString))
    {
        return relativeUrl;
    }
    string text = this.Context.Request.ClientBaseDir.VirtualPathString;
    if (!UrlPath.IsAppRelativePath(relativeUrl))
    {
        if (StringUtil.EqualsIgnoreCase(text, virtualPathString))
        {
            return relativeUrl;
        }
        if (relativeUrl.Length == 0 || !UrlPath.IsRelativeUrl(relativeUrl))
        {
            return relativeUrl;
        }
    }
    string to = UrlPath.Combine(virtualPathString, relativeUrl);
    text = UrlPath.AppendSlashToPathIfNeeded(text);
    return HttpUtility.UrlPathEncode(UrlPath.MakeRelative(text, to));
}

由于您的 URL 不是相对的,它应该一直到最后一行,即return语句,所以老实说,您根本不需要对其进行编码。这会将您的代码更改为:

<asp:HyperLink ID="hlPSTNNum"
    CssClass="OrdRef"
    Text='<%# DataBinder.Eval(Container.DataItem, "PSTNNum")%>'
    runat="server"
    ToolTip='please click here to view the full record details'
    NavigateUrl='<%#"https://THE URL IS HERE Searches/advancedsearchresults.asp?supplierid=" + Eval("Supplierid") + "&display1=IS Number&display2=Supplier&display3=Product&display4=Supplier Order Number&order1=order date&pstnnum=" + Eval("PSTNNum")%>' />
于 2013-05-21T13:21:21.060 回答
0

不是 100% 确定这是否可行,但 asp.net 4.5 有 <%#: 自动编码。您可以尝试一下,看看它是否有效,只需将 <%# 更改为 <%#:

于 2013-05-21T13:30:54.580 回答