本文介绍了json字符串可以包含HTML标签吗?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
考虑这个我的json字符串,
[{Mat_id:2,Mat_Name:Steel ,
Measurement:mm,Description:Steel}]
可以在这个json字符串中添加HTML标签,像这样,
$ $ $ $ $ $ $ $ $ {[Mat_id:2,Mat_Name :Steel,
Measurement:< bold> mm< / bold>,Description:Steel}]
$ b
- 是否这是一个有效的json字符串?
- 当Eval('('+ thisstring +') ')会引发一个问题?如果是这样的话是什么?
我这样做是因为我将这个json对象传递给一个yui数据表,它使用json
数据源...
编辑:
这是我生成的json字符串,
$ b $ $ p $
{Table:[{Mat_id:2,
Mat_Name:Jully ,Measurement:< bold> Inches< / bold>,
Description:Gully},]}
但我没有将我的测量列值以粗体显示...
解决方案
,是的,你可以这样做......实际上,如果我的数据中有HTML标记,我会有点担心。那里可能还有什么?闻起来像一个XSS漏洞。
Consider this my json string,
[{"Mat_id" : "2","Mat_Name" : "Steel",
"Measurement" : "mm","Description" : "Steel"}]
Can i add HTML Tags inside this json string like this,
[{"Mat_id" : "2","Mat_Name" : "Steel",
"Measurement" : "<bold>mm</bold>","Description" : "Steel"}]
- Whether this is a valid json string?
- When Eval('('+ thisstring +')') will raise an issue? If so what is it?
I am doing so because i will pass this json object to a yui datatable which consumes jsondatasource...
EDIT:
This my resulted json string,
{"Table" : [{"Mat_id" : "2",
"Mat_Name" : "Jully","Measurement" : "<bold>Inches</bold>",
"Description" : "Gully"},]}
But i didnt get my Measurement column values in bold...
解决方案
Technically, yes, you can do that... practically, I'd be a bit concerned if there were HTML markup in my data. What else might be in there? Smells like an XSS vulnerability.
这篇关于json字符串可以包含HTML标签吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!