0

I'm having a trouble with using jsp variables as javascript parameters.

The javascript function:

function user(name, lastname, nick) {
    return name + " " + lastname + " (" + nick + ")";
}

And using it in jsp:

<tbody>
<c:forEach var="et" items="${eTestsToAdd}">
    <tr>
        <td><script>document.write(user(${et.author.name}, ${et.author.lastname}, ${et.author.nick}));</script></td>

Also it works on another example:

js

function parseToDate(dateInMiliseconds) {
    var d = new Date(dateInMiliseconds);
    var string = d.getDay().toString() + "-" + d.getMonth().toString() + "-" + d.getFullYear().toString();
    return string;
}

jsp

<script>document.write(parseToTime(${uc.startDate.time}));</script>

There are two differences, working example is javascript function with one parameter and the parameter is int, and not working one is javasript function with three string parameters. How can I pass those values to have it working? No scriptlets please :)

//EDIT

ok, I'll try to clarify it a little more:

I have a table in jsp where some data is to be displayed:

<tbody>
    <c:set var="i" value="0" />
    <c:forEach var="uc" items="${userClasses}">
        <c:set var="i" value="${i+1}" />
        <c:url var="usrURL" value="/users/show/${uc.user.nick}" />
        <tr onclick="location.href = '${usrURL}' ">
            <td>${i}</td>
            <td><img class="img-circle img-little" src="<c:url value='/imageView/${uc.user.avatar.id}'/>" />
                <script>document.write(user(${uc.user.name}, ${uc.user.lastname}, ${uc.user.nick}));</script>
            </td>
            <td><script>document.write(parseToTime(${uc.startDate.time}));</script></td>
        </tr>
                                </c:forEach>
                            </tbody>

uc.user - is the user entity, I wanted to have it nicely written in the table in pattern -

Name Lastname (userName)

with the javascript I posted here. But when I use this function in jsp, tomcat throws me org.apache.jasper.JasperException: An exception occurred processing JSP page at the line where I call the js function. So obviously, I'm using it wrong in jsp somehow; I'm fresh with javascripts, though. And my question is how to use this javasript function properly here?

Improve this question
1
  • What is the stack trace of the JasperException? JavaScript errors dont show up in tomcat and having invalid or JavaScript that doesnt work isnt something that would show up in the Tomcat logs. A JasperException means that your have a JSP error. Commented Dec 16, 2014 at 18:00

1 Answer 1

Reset to default
1

I am not certain that this is the solution without knowing what the values for the eTestsToAdd collection is, however this would certainly be one problem.

Given this code snipplet:

document.write(user(${et.author.name}, ${et.author.lastname}, ${et.author.nick}));

And the values for the author are joe, shmoe, js respectively this would result in this output 

document.write(user(joe, shmoe, js));

This is invalid javascript, the JS evaluator would look for variables named joe, schome and js. You need to wrap the output in quotes.

document.write(user("${et.author.name}", "${et.author.lastname}", "${et.author.nick}"));

Now if someone puts in the name lovemesome"XXS for the first name you will also get a javascript error. You will need to sanitize your output variables, you can do that for this case by using the following:

${fn:replace(${et.author.name}, '\"', '\\\"'}
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

@dante02891 what does your javascript console say, do you get an error?
@dante02891 As i said in my post, noone will be certain of what the problem is until you post what the actual output is of the JSP file. We can guess... but without more information on 1) the error output of the javascript and 2) what exactly are the values that your outputting. Ideally both would be added to the question but as it is I dont think anyone could awnser and be confident in their solution.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.