Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JSP 2.0 EL

 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I noticed something strange. Both of the following output the same information:

and if I simply do:

I know that EL works inside of JSTL for other reasons, but for simply printing something out using c ut, why use JSTL? Why not just use EL all alone?
Another interesting I noticed..I loaded a properties file and accessed an attribute using the EL. The sample properties file looks like:
template.properties

I then load this into the request like

Now, when I access the "name" property using EL like:

I get printed on the screen

However, if I use EL without JSTL I get Gregg rendered as HTML (big and bold).
Does anyone know why this is?
[ January 01, 2004: Message edited by: Gregg Bolinger ]
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64827
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
<cut> is redundant in JSP 2.0 since you can use the EL directly in the template text.
In JSP 1.2, <cut> is the means to emit EL output.
bear
 
Frank Carver
Sheriff
Posts: 6920
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
And there you aptly demonstrate why cut is not quite redundant. Sometimes you need to write outout (including HTML) directly to the output stream with no translation. Sometimes you want to make sure that any "dangerous" characters in user data are escaped so they don't screw up the page layout.
imagine my user data contains the following:
for (i = 0; i < n; ++i)
For unprotected output you can use EL directly (or you can use <%= ... %>).
For protected output you can use cut
 
Gregg Bolinger
GenRocket Founder
Ranch Hand
Posts: 15302
6
Chrome IntelliJ IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Frank Carver:
And there you aptly demonstrate why c ut is not quite redundant. Sometimes you need to write outout (including HTML) directly to the output stream with no translation. Sometimes you want to make sure that any "dangerous" characters in user data are escaped so they don't screw up the page layout.
imagine my user data contains the following:
for (i = 0; i < n; ++i)
For unprotected output you can use EL directly (or you can use <%= ... %> .
For protected output you can use c ut

I see. Thanks.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64827
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Good info Frank! Having not had a chance to actually play with JSP 2 (just done lots of reading) I was not aware that the "embedded" EL didn't go through the encoding that <cut> provides.
bear
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic