Javascript有一个内置的方法,只是为了涵盖不仅仅是单引号。它名为encodeURIComponent,来自Javascript Kit:
Used to encode the parameter portion of a URI for characters that have special meaning, to separate them from reserved characters such as "&" that act as key/value separators. More inclusive than encodeURI(), it encodes all characters with special meaning in a URL string, including "=" and "&". Use this method only on the parameter portion of a URI; otherwise, the URI may no longer be valid if it contains one of the characters that are part of a valid URI (ie: "+") yet should be escaped if part of the URI parameter.
所以你的代码应该变成:
data: "{str_" + encodeURIComponent(sectionName) + " :'" + encodeURIComponent(UpdateText) + "',EntityID: '" + encodeURIComponent(EntityID) + "' }",我将查询字符串中发送的所有内容编码为安全,但编码EntityID可能会被跳过,因为它不是来自用户(我假设),因此您知道它不会有特殊字符。