Home > Web Front-end > Front-end Q&A > In-depth discussion on the problem of JavaScript function receiving parameters in English but not executing js

In-depth discussion on the problem of JavaScript function receiving parameters in English but not executing js

PHPz
Release: 2023-04-06 11:39:24
Original
680 people have browsed it

JavaScript is a widely used programming language. Its biggest advantage is the ability to write programs that interact with web pages, thereby achieving a richer user experience.

Among them, JavaScript function is a very critical part. Functions allow us to package certain blocks of code together and then call them when needed. This can make the code clearer, easier to maintain and extend. At the same time, when calling a function, we can also pass parameters to the function to make the function more flexible and versatile.

However, in practice, we sometimes encounter a strange problem. That is, our JavaScript function can receive English parameters, but cannot execute JavaScript code. Many people may have encountered this problem but have no idea how to solve it.

Next, we will delve into this problem and provide some solutions.

First of all, we need to clarify the nature of the problem. The parameters received by the function are plain text, which should be very clear to everyone. From a function perspective, there is no difference between English parameters and Chinese parameters, and JavaScript does not care about the language of the parameters. Therefore, the problem should be during function execution. We need to carefully look at the implementation of the function to determine whether there is some inappropriate code.

Now, let’s look at a simple example:

function sayHello(name) {
  alert("Hello " + name);
}
Copy after login

This is a very basic JavaScript function, which accepts a parameter name, and then uses this parameter to pop up a message box. At this time, if we call this function and pass in an English parameter, for example:

sayHello("Tom");
Copy after login

This function can be executed normally, and the content of the pop-up message box is "Hello Tom". But what happens if we pass in a JavaScript code as a parameter, for example:

sayHello("<script>alert('Hello');</script>");
Copy after login
Copy after login

? When you call the function, you will find that although the function is called correctly, the content of the pop-up message box is not the expected "Hello", but a text that looks like a script tag. This is because the function does not execute the JavaScript code passed in, but directly outputs it as text.

So, how to solve this problem? In fact, the method is very simple: we only need to encode the incoming parameters. The encoded parameter is a piece of plain text, and the special characters in it have been escaped and will not have any impact on the execution of the function. Commonly used JavaScript encoding functions include encodeURIComponent and encodeURI. The former encodes characters other than letters, numbers, and -_.!~*'(), while the latter only encodes some special characters, such as / ? & @ . Which encoding function to choose needs to be decided according to the actual situation.

The rewritten function is as follows:

function sayHello(name) {
  var encodedName = encodeURIComponent(name);
  alert("Hello " + encodedName);
}
Copy after login

The calling method also changes accordingly:

sayHello("<script>alert('Hello');</script>");
Copy after login
Copy after login

At this time, the function will execute normally.

Here, we further discuss the problem of JavaScript functions receiving English parameters but not executing JavaScript code, and introduce the solution. Hopefully this article will help you better understand functions and JavaScript while making your code more robust and secure.

The above is the detailed content of In-depth discussion on the problem of JavaScript function receiving parameters in English but not executing js. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template