ansaurus

Question

Answer 1

+3 A:

Do some thing like.

function add(){
        alert(<%=canModify%>);
        df('ADD');
    }

org.life.java 2010-10-25 14:10:34

Answer 2

+2 A:

I know I use something like this:

<%
String s = "BOB";
%>
<script>
alert('<%= s %>');
</script>

The '<%= %>' tag lets you put in the value of the java variable.

josh.trow 2010-10-25 14:11:00

You need to escape the string to block XSS attacks.

SLaks 2010-10-25 14:14:25

Yes, and the simplest way to do that is to use a JSON encoder.

bobince 2010-10-25 14:46:37

Answer 3

+3 A:

Get away from using scriptlets, use jstl and expression language and it would look like this:

alert( ${UTIL.hasSecurity("PFTMODFY") 
         && empRecNum != null 
         && !(empRecNum.equals("")
        }
      );

NimChimpsky 2010-10-25 14:16:20

That will work **if** "UTIL" is a reference that's available in the request attribute map (or maybe the page attribute map; I can't recall whether that works implicitly or not). If it's just a variable declared in a scriptlet, then it won't work. I do agree with you however that scriptlets are horrid and in 2010 nobody should be using them.

Pointy 2010-10-25 14:22:42

ansaurus

tags:

views:

answers:

passing value to JavaScript from JSP

related questions