Include file from dynamic property value

Question

I have a project in Java thgat needs to use;

<%@include file="content.jsp" %>

to include a file into the current jsp page.

However, I now need the content.jsp to be dynamic.

How can I substitute everything in the quotes with a variable?

So;

<%@include file=myVariable %>

score 37 · Accepted Answer · answered Feb 14 '11 at 01:21

37

Instead of using static include, you can use dynamic include, then you can do something like this:-

<jsp:include page="<%= myVariable %>" flush="true" />

or

<jsp:include page="${myVariable}" flush="true" />

answered Feb 14 '11 at 01:21

limc

39,366
20
100
145

Ah no. because I have variables in my main page that need to be accessible from the included page. I don't get that with – griegs Feb 14 '11 at 01:25
1

You can pass parameter in dynamic include using ``, couldn't you? – limc Feb 14 '11 at 01:27
2

can you put those variables on the request or the session? – davogotland Feb 14 '11 at 01:30
No I can't put them in the request or the session for reasons only evident to the client. Just trying out the jsp:param approach now – griegs Feb 14 '11 at 01:33
@davogotland: That's what I was about to say. :) @griegs: if your variables has string value, then using `jsp:param` is probably the easiest to pass the values. But, if you have objects and such, the easiest is to set store it in the request, then pass the request attribute name using `jsp:param` so that the included page can retrieve the object from request using that parameter. – limc Feb 14 '11 at 01:34
@limc these are just string values. – griegs Feb 14 '11 at 01:35

score 3 · Answer 2 · edited Feb 24 '16 at 08:44

3

i have work around by using the static include after closing the tag so it still static and can be used as if you assign a string

        <% 

            switch(questionType){

                case 1:%><%@include file="qtypes/yesNo.jspf"%><%
                break; 
                case 5:%><%@include file="qtypes/eval.jspf"%><%
                break; 
                default :%><%@include file="qtypes/yesNo.jspf"%><%
                break; 
            } 

        %>

edited Feb 24 '16 at 08:44

Jörn Buitink

2,906
2
22
33

answered Feb 24 '16 at 08:02

Mahmoud Elsonbati

41
3

1

This is actually a good option. It reduce the risk of JSP include vulnerability. http://find-sec-bugs.github.io/bugs.htm#JSP_INCLUDE – h3xStream Aug 17 '16 at 19:30

Include file from dynamic property value

2 Answers2

Linked