最近在使用SpringBoot整合Thymeleaf时,在html中有用到以下的写法:
<a href="#" th:onclick="'openGroupBuyOrder('+${r.order_no}+','+${r.nick_name}+')'" >
其中遇到这个问题:
Only variable expressions returning numbers or booleans are allowed in
this context, any other datatypes are not trusted in the context of this
expression, including Strings or any other object that could be rendered
as a text literal. A typical case is HTML attributes for event handlers
(e.g. "onload"), in which textual data from variables should better be
output to "data-*" attributes and then read from the event handler.
经过网上查找资料和查看thymeleaf使用手册,发现它除了有${}这种方式可以获取后端传过来的值以外,还可以通过"[[ ${}]]“这种方式来获取值,两者的区别在于”[[ ${}]]“会被转义,并且可以在js代码中直接获取出来,而” [ ${}]“和” ${} "不会被转义,在js代码中不会被解析。
因此只需要把代码改为以下形式就可以:
<a href="#" th:onclick="openGroupBuyOrder([[${r.order_no}]],[[${r.nick_name}]])" >