将字符串中的 HTML 代码动态注入到 asp.net 页面中

Question

我在 VB ASP.NET 中有一个页面，其中包含以下代码（由 VS 生成）：

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Payment2.aspx.vb" Inherits="Payment2" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
   <title></title>
</head>
<body>
   <form id="form1" runat="server">
     <div>

     </div>
   </form>
</body>
</html>

有代码

Partial Class Payment2
   Inherits System.Web.UI.Page

   Sub Page_Load(ByVal S As Object, ByVal E As EventArgs)

   End Sub

End Class

并且我希望能够将以下字符串注入页面并显示。

<form name="downloadform3D" action="https://something.asp" method="post">
<NOSCRIPT>
JavaScript is currently disabled or is not supported by your browser.<br>
Please click on the &quot;Continue&quot; button to continue<br>
<input class="ncol" type="submit" value="Continue" id="submit1" name="submit1" />
</NOSCRIPT>
<input type="hidden" name="CSRFKEY" value="abc" />
<input type="hidden" name="CSRFTS" value="abc" />
<input type="hidden" name="CSRFSP" value="/ncol/test/something.asp" />
<input type="hidden" name="PaReq" value="<?xml version=&quot;1.0&quot;?><ThreeDSecure><Message id=&quot;123&quot;><PAReq><version>1.02</version><Merchant><merID>abc</merID><name>abc</name><url>http://www.abc.com</url></Merchant><Purchase><xid>123</xid><amount>1</amount><purchAmount>1</purchAmount><currency>GBP</currency></Purchase><CH><acctID>12345</acctID><expiry>1234</expiry><selBrand></selBrand></CH></PAReq></Message></ThreeDSecure>
" />
<input type="hidden" name="TermUrl" value="https://something.asp" />
<input type="hidden" name="MD" value="12334" />
</form>
<form method="post" action="https://somethig.asp" name="uploadForm3D">
<input type="hidden" name="CSRFKEY" value="1234A" />
<input type="hidden" name="CSRFTS" value="1234" />
<input type="hidden" name="CSRFSP" value="/something.asp" />
<input type="hidden" name="branding" value="abc" />
</form>
<SCRIPT LANGUAGE="Javascript" >
<!--
var popupWin;
var submitpopupWin = 0;

function LoadPopup() {
if (self.name == null)  {
    self.name = "ogoneMain";
}
popupWin = window.open('about:blank', 'popupWin', 'height=400, width=390, status=yes, dependent=no, scrollbars=yes, resizable=no');
if (popupWin != null) {
    if  (!popupWin || popupWin.closed) {
        return 1;
    } else {
        if (!popupWin.opener || popupWin.opener == null) {
            popupWin.opener = self;
        }
        self.document.forms.downloadform3D.target = 'popupWin';
        if (submitpopupWin == 1) {
            self.document.forms.downloadform3D.submit();
        }
        popupWin.focus();
        return 0;
    }
} else {
    return 1;
}
}
self.document.forms.downloadform3D.submit();
//-->
</SCRIPT>

我查看了 google，但没有任何帮助（我可能输入了错误的搜索词，因为我是网络编程的新手）。任何帮助都将不胜感激，因为我不是 ASP 人，而且我已经拔掉了我现在剩下 3 天的小头发:(

提前致谢。

Answer 1

从您的问题看来，您似乎正在尝试从服务器端插入字符串，但我认为最好在 aspx 页面本身中插入。

从 aspx 页面中删除此代码：

  <form id="form1" runat="server">
     <div>

     </div>
  </form>

然后将您的代码放入其中。它应该是这样的：

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Payment2.aspx.vb" Inherits="Payment2" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
   <title></title>
</head>
<body>
<form name="downloadform3D" action="https://something.asp" method="post">
<NOSCRIPT>
JavaScript is currently disabled or is not supported by your browser.<br>
Please click on the &quot;Continue&quot; button to continue<br>
<input class="ncol" type="submit" value="Continue" id="submit1" name="submit1" />
</NOSCRIPT>
<input type="hidden" name="CSRFKEY" value="abc" />
<input type="hidden" name="CSRFTS" value="abc" />
<input type="hidden" name="CSRFSP" value="/ncol/test/something.asp" />
<input type="hidden" name="PaReq" value="<?xml version=&quot;1.0&quot;?><ThreeDSecure><Message id=&quot;123&quot;><PAReq><version>1.02</version><Merchant><merID>abc</merID><name>abc</name><url>http://www.abc.com</url></Merchant><Purchase><xid>123</xid><amount>1</amount><purchAmount>1</purchAmount><currency>GBP</currency></Purchase><CH><acctID>12345</acctID><expiry>1234</expiry><selBrand></selBrand></CH></PAReq></Message></ThreeDSecure>
" />
<input type="hidden" name="TermUrl" value="https://something.asp" />
<input type="hidden" name="MD" value="12334" />
</form>
<form method="post" action="https://somethig.asp" name="uploadForm3D">
<input type="hidden" name="CSRFKEY" value="1234A" />
<input type="hidden" name="CSRFTS" value="1234" />
<input type="hidden" name="CSRFSP" value="/something.asp" />
<input type="hidden" name="branding" value="abc" />
</form>
<SCRIPT LANGUAGE="Javascript" >
<!--
var popupWin;
var submitpopupWin = 0;

function LoadPopup() {
if (self.name == null)  {
    self.name = "ogoneMain";
}
popupWin = window.open('about:blank', 'popupWin', 'height=400, width=390, status=yes, dependent=no, scrollbars=yes, resizable=no');
if (popupWin != null) {
    if  (!popupWin || popupWin.closed) {
        return 1;
    } else {
        if (!popupWin.opener || popupWin.opener == null) {
            popupWin.opener = self;
        }
        self.document.forms.downloadform3D.target = 'popupWin';
        if (submitpopupWin == 1) {
            self.document.forms.downloadform3D.submit();
        }
        popupWin.focus();
        return 0;
    }
} else {
    return 1;
}
}
self.document.forms.downloadform3D.submit();
//-->
</SCRIPT>
</body>
</html>

Answer 2

你可以做 Response.Write，

或

你可以使用 asp:Literal

asp:Literal 控件有几种模式

PassThrough 按“原样”呈现内容，包括 html 标记和脚本。如果您不完全控制输出，这是一个坏主意。如果您动态地包含从用户输入或存储在数据库中的值获取的任何内容，您可能会将自己置于安全风险之中。

编码是 HTML 编码的。它被视为文本而不是 HTML，所以这对你不起作用

Transform 尝试更改标记以匹配可能会或可能不会工作的浏览器。

另一种选择是使用用户控件并按需设置其“可见”属性。

Answer 3

你试过 Response.Write(contents);在 Page_Load 事件中。其中 contents 是您要注入页面的数据。