Why using javascript quote escape character in string should be \\ 'instead of \

Question

Why using javascript quote escape character in string should be \\ 'instead of \

I just have problems with javascript that I use for asp.net code after a few hours it turns out that this is a problem with an escape character.

I use this first.

ScriptManager.RegisterStartupScript(this, this.GetType(), "temp", "alert('Can't delete this data because it is bound with rate plan');", true);

This will result in a javascript error because the quote in “cannot” must use the escape character, which is why I use.

ScriptManager.RegisterStartupScript(this, this.GetType(), "temp", "alert('Can\'t delete this data because it is bound with rate plan');", true);

but it still does not work.

Finally i use

ScriptManager.RegisterStartupScript(this, this.GetType(), "temp", "alert('Can\\'t delete this data because it is bound with rate plan');", true);

and this is normal.

I'm just wondering why we need to use \\'instead \'to make the escape character work correctly.

+5

javascript c # asp.net escaping quotes

Sarawut Positwinyu May 02 '11 at 9:47

source share

5 answers

a# \ , , \n .. , ( " "").

:

@"... can\'t ..."

@ , . .. , ..

@"foo
bar
blip"

+3

Marc Gravell 02 '11 9:52

"\" #.

@ , , , #, .

:

ScriptManager.RegisterStartupScript(this, this.GetType(), "temp", @"alert('Can\'t delete this data because it is bound with rate plan');", true);

, . , :

ScriptManager.RegisterStartupScript(this, this.GetType(), "temp", "alert(\"Can't delete this data because it is bound with rate plan\");", true);

JavaScript, , PHP-, , -, .

, JavaScript:

JavaScript?

+3

Matías Fidemraizer 02 '11 9:58

\\, \ javascript, .

+1

Matt 02 '11 9:50

(, O'Brian) , ( ).

# 6 :

public static class Extension
{
    public static string ToSQEscapedStringJS<T>(this T unescapedStr)
    {
        if (unescapedStr == null || unescapedStr.ToString() == "")
        {
            return "''";
        }
        // replace ' by @@@
        var escapedStr = (unescapedStr).ToString().Replace("'", "@@@"); 
        // JS code to replace @@@ by '
        string unEscapeSQuote = "replace(/@{3}/g, String.fromCharCode(0x27))"; 
        // add @@@ escaped string with conversion back to '
        return $"('{escapedStr}'.{unEscapeSQuote})"; 
    }
}

. script:

// contains apostroph (aka single quote) and is dangerous for your script block
var name = "O'Brian"; 
var nameEscp = name.ToSQEscapedStringJS(); // creates JS expression from it
// building up the script
string strScript = 
   $"<script>window.opener.document.forms(0).{control.Value}.value = {nameEscp};</script>";
ClientScript.RegisterClientScriptBlock(this.GetType(), "anything", strScript);

Note that it is nameEscpalready surrounded by a single quote, so you can safely place it after =.

The trick is that the string is escaped and assigned without assignment at once (by executing a JavaScript expression), i.e.

.value = ('O@@@Brian'.replace(/@{3}/g, String.fromCharCode(0x27));

will be the inserted assignment expression, which will be sent to the client as a script. After execution .valuecontains O'Brian.

0

Matt Aug 25 '16 at 11:57

source share

Quentin · Accepted Answer · 2011-05-02T09:50:49+0000

\ escape- # JavaScript.

# "\'", , .

# "\\'", \ \ ( \ escape-), ' ' > ( '.

Why using javascript quote escape character in string should be \\ 'instead of \

More articles: