开发者

Dynamically inject HTML code from a String into an asp.net page

问答 作者:

I have a page in VB ASP.NET with the following code (this was generated by VS):

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Payment2.aspx.vb" Inherits="Payment2" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
   <title></title>
</head>
<body>
   <form id="form1" runat="server">
     <div>

     </div>
   </form>
</body>
</html>

With code

Partial Class Payment2
   Inherits System.Web.UI.Page

   Sub Page_Load(ByVal S As Object, ByVal E As EventArgs)

   End Sub

End Class

And I want to be able to inject the following String into the page and display.

<form name="downloadform3D" action="https://something.asp" method="post">
<NOSCRIPT>
JavaScript is currently disabled or is not supported by your browser.<br>
Please click on the &quot;Continue&quot; button to continue<br>
<input class="ncol" type="submit" value="Continue" id="submit1" name="submit1" />
</NOSCRIPT>
<input type="hidden" name="CSRFKEY" value="abc" />
<input type="hidden" name="CSRFTS" value="abc" />
<input type="hidden" name="CSRFSP" value="/ncol/test/something.asp" />
<input type="hidden" name="PaReq" value="<?xml version=&quot;1.0&quot;?><ThreeDSecure><Message id=&quot;123&quot;><PAReq><version>1.02</version><Merchant><merID>abc</merID><name>abc</name><url>http://www.abc.com</url></Merchant><Purchase><xid>123</xid><amount>1</amount><purchAmount>1</purchAmount><currency>GBP</currency></Purchase><CH><acctID>12345</acctID><expiry>1234</expiry><selBrand></selBrand></CH></PAReq></Message></ThreeDSecure>
" />
<input type="hidden" name="TermUrl" value="https://something.asp" />
<input type="hidden" name="MD" value="12334" />
</form>
<form method="post" action="https://somethig.asp" name="u开发者_开发知识库ploadForm3D">
<input type="hidden" name="CSRFKEY" value="1234A" />
<input type="hidden" name="CSRFTS" value="1234" />
<input type="hidden" name="CSRFSP" value="/something.asp" />
<input type="hidden" name="branding" value="abc" />
</form>
<SCRIPT LANGUAGE="Javascript" >
<!--
var popupWin;
var submitpopupWin = 0;

function LoadPopup() {
if (self.name == null)  {
    self.name = "ogoneMain";
}
popupWin = window.open('about:blank', 'popupWin', 'height=400, width=390, status=yes, dependent=no, scrollbars=yes, resizable=no');
if (popupWin != null) {
    if  (!popupWin || popupWin.closed) {
        return 1;
    } else {
        if (!popupWin.opener || popupWin.opener == null) {
            popupWin.opener = self;
        }
        self.document.forms.downloadform3D.target = 'popupWin';
        if (submitpopupWin == 1) {
            self.document.forms.downloadform3D.submit();
        }
        popupWin.focus();
        return 0;
    }
} else {
    return 1;
}
}
self.document.forms.downloadform3D.submit();
//-->
</SCRIPT>

I've had a look on google but nothing has helped (I may be entering the wrong search terms as I'm new to web programming). Any help would be really appreciated as I'm not an ASP guy and I've been pulling out what little hair I have left now for 3 days :(

Thanks in advance.

From your question it seems that you're trying to insert the string from server side, but I think it's better to do it in the aspx page itself.

Remove this code from the aspx page:

  <form id="form1" runat="server">
     <div>

     </div>
  </form>

and put your code in instead. It should look like this: 

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Payment2.aspx.vb" Inherits="Payment2" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
   <title></title>
</head>
<body>
<form name="downloadform3D" action="https://something.asp" method="post">
<NOSCRIPT>
JavaScript is currently disabled or is not supported by your browser.<br>
Please click on the &quot;Continue&quot; button to continue<br>
<input class="ncol" type="submit" value="Continue" id="submit1" name="submit1" />
</NOSCRIPT>
<input type="hidden" name="CSRFKEY" value="abc" />
<input type="hidden" name="CSRFTS" value="abc" />
<input type="hidden" name="CSRFSP" value="/ncol/test/something.asp" />
<input type="hidden" name="PaReq" value="<?xml version=&quot;1.0&quot;?><ThreeDSecure><Message id=&quot;123&quot;><PAReq><version>1.02</version><Merchant><merID>abc</merID><name>abc</name><url>http://www.abc.com</url></Merchant><Purchase><xid>123</xid><amount>1</amount><purchAmount>1</purchAmount><currency>GBP</currency></Purchase><CH><acctID>12345</acctID><expiry>1234</expiry><selBrand></selBrand></CH></PAReq></Message></ThreeDSecure>
" />
<input type="hidden" name="TermUrl" value="https://something.asp" />
<input type="hidden" name="MD" value="12334" />
</form>
<form method="post" action="https://somethig.asp" name="uploadForm3D">
<input type="hidden" name="CSRFKEY" value="1234A" />
<input type="hidden" name="CSRFTS" value="1234" />
<input type="hidden" name="CSRFSP" value="/something.asp" />
<input type="hidden" name="branding" value="abc" />
</form>
<SCRIPT LANGUAGE="Javascript" >
<!--
var popupWin;
var submitpopupWin = 0;

function LoadPopup() {
if (self.name == null)  {
    self.name = "ogoneMain";
}
popupWin = window.open('about:blank', 'popupWin', 'height=400, width=390, status=yes, dependent=no, scrollbars=yes, resizable=no');
if (popupWin != null) {
    if  (!popupWin || popupWin.closed) {
        return 1;
    } else {
        if (!popupWin.opener || popupWin.opener == null) {
            popupWin.opener = self;
        }
        self.document.forms.downloadform3D.target = 'popupWin';
        if (submitpopupWin == 1) {
            self.document.forms.downloadform3D.submit();
        }
        popupWin.focus();
        return 0;
    }
} else {
    return 1;
}
}
self.document.forms.downloadform3D.submit();
//-->
</SCRIPT>
</body>
</html>

you can do Response.Write,

or

you can use asp:Literal

there are a few modes with the asp:Literal control

PassThrough renders the content "as is" including html markup and script. This is a bad idea if you don't complely control the output. If you are dynamically including anythin that would be taken from user input or values stored in database you could put yourself at security risk.

Encode is HTML encoded. Its treated like text not HTML so this wont work for you

Transform tries to change the markup to match the browser which may or may not work.

Another option is to use a user control and set its "Visible" property on demand.

Did you tried Response.Write(contents); in the Page_Load event. Where contents is the data you want to inject to the Page.

继续阅读:asp.netdynamic

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9