1

I am tying to store ":;',./<>?,./asdaA12 value in js variable which is in gsp page but it could'nt store it properly and gives me run-time error because of special symbol contain " and ' as string. my snap code is : 

var editGrp_billingCode_val ="${returnVal?.groupCommand?.billingCode?:billingCode?:billingCode}";

Here Billing code populate with : ":;',./<>?,./asdaA12 value which contain " or ' symbols so for that page gives me run-time js error

is there any one solution for converting this types of string into String variable and store into js variable. like toString method in java

Value ":;',./<>?,./asdaA12 is not fixed it will come dynamically while running the application so i have to convert it at run-time as stored in js variable

Kaiido
  • 123,334
  • 13
  • 219
  • 285
Ravi Bhalsod
  • 145
  • 3
  • 15
  • 2
    You'll need to escape your string. Read [Escaping Strings in JavaScript](http://stackoverflow.com/questions/770523/escaping-strings-in-javascript) – Alon Adler Dec 19 '16 at 12:18
  • Those `${}`, `?.` and `?:` notations is not part of JavaScript, right? What other language are you using to render that JavaScript? – Anders Marzi Tornblad Dec 19 '16 at 12:21
  • I have mentioned it; its a gsp page contaions – Ravi Bhalsod Dec 19 '16 at 12:23
  • There's a good chance the templating engine you use has a method to escape these strings. What is this GSP you're refering to? – pawel Dec 19 '16 at 13:42
  • @pawel, I think it stands for ["Groovy Server Pages"](https://en.wikipedia.org/wiki/Grails_(framework)), that I don't know either. To OP, you don't need a jquery nor a js solution. Your problem is with gsp. It's at the parsing of the code that your error araises, so it's in the markup that it needs to be properly escaped. – Kaiido Dec 19 '16 at 13:52
  • 1
    Here's a similar problem, but the answer is basically RTFM which I think is the best course of action. http://stackoverflow.com/questions/15681708/ – pawel Dec 19 '16 at 13:54
  • And it's approximately [there](http://docs.grails.org/latest/guide/security.html#codecs) in this manual – Kaiido Dec 19 '16 at 13:59
  • It is purely javascript / It is look like above so when I will load the gsp page the head section contaion this code and the billingCode variable return ":;',./<>?,./asdaA12 value whih will not base format for js variable though it will give me unexpacted tocken error @pawel – Ravi Bhalsod Dec 19 '16 at 14:09
  • No this is not yet javascript. It's a parsing error, which means that it hasn't been able to even parse the script, how do you want it to be able to execute it or any js functions on it since it won't ever go into the interpreter ? – Kaiido Dec 19 '16 at 14:12

2 Answers2

0

I've figured it out, just enclose your variable (symbols) in between the "forward slash" e.g

      <script>
                 var x = /".'*:",/
                  alert(x)
                 // this should print ".'*:",

      </script>
Maroun
  • 94,125
  • 30
  • 188
  • 241
Andis Sitte
  • 7
  • 5
0

By escaping them:

<script>
    var x = "\".'*:\","
    alert(x)
    // this should print ".'*:",

</script>

Short escaping list:

  • " = \" or ' = \'
  • \ = \\
  • New Line = \n
  • Tab = \t

more: w3schools - JavaScript Strings

B. Colin Tim
  • 293
  • 5
  • 13
  • It is not static string or value ; value will come dynamically while loading in page; Its not working at any point. – Ravi Bhalsod Dec 19 '16 at 13:32