I'm just wondering, the only difference I know is that the <%= symbols generates any possible html tags that's included with the string your planning to display, while <%: just display what the string exactly look like. If anyone can help me with this, I will greatly appreciate it.
Pretty good explanation from Scott Gu - New <%: %> Syntax for HTML Encoding Output in ASP.NET 4 (and ASP.NET MVC 2)
Excerpt:
ASP.NET applications (especially those using ASP.NET MVC) often rely on using <%= %> code-nugget expressions to render output. Developers today often use the Server.HtmlEncode() or HttpUtility.Encode() helper methods within these expressions to HTML encode the output before it is rendered. This can be done using code like below:
<div>
<%= Server.HtmlEncode(Model.Content) %>
</div>
While this works fine, there are two downsides of it:
It is a little verbose
Developers often forget to call the Server.HtmlEncode method – and there is no easy way to verify its usage across an app
New <%: %> Code Nugget Syntax
With ASP.NET 4 we are introducing a new code expression syntax (<%: %>) that renders output like <%= %> blocks do – but which also automatically HTML encodes it before doing so. This eliminates the need to explicitly HTML encode content like we did in the example above. Instead, you can just write the more concise code below to accomplish the exact same thing:
<div>
<%: Model.Content %>
</div>
The two inline code tags are essentialy the same, the only difference being that <%: %> will automatically use encoding. So this:
<%: myText %>
is equivalent to this:
<%= Html.Encode(myText) %>
The former is recommended.
<%: is HtmlEncoded. Code Nuggets for asp.net
With ASP.NET 4 we are introducing a new code expression syntax (<%: %>) that renders output like <%= %> blocks do – but which also automatically HTML encodes it before doing so.
From Scott Gu blog:
With ASP.NET 4 we are introducing a new code expression syntax (<%:
%>) that renders output like <%= %> blocks do – but which also
automatically HTML encodes it before doing so. This eliminates the
need to explicitly HTML encode content like we did in the example
above. Instead, you can just write the more concise code below to
accomplish the exact same thing:
http://weblogs.asp.net/scottgu/archive/2010/04/06/new-lt-gt-syntax-for-html-encoding-output-in-asp-net-4-and-asp-net-mvc-2.aspx
Related
I am seeing some examples online where the # is being used before server side code.
eg
<h2>Browsing Genre: #Model.Name</h2>
So can you just use a single # instead of wrapping the c#/vb code in <% %> ?
You can use # if you're using the Razor view engine in ASP.NET MVC. That's most-likely what you're seeing examples of.
This is indeed razor syntax from MVC 3. Here is the syntax comparisons side by side
http://haacked.com/archive/2011/01/06/razor-syntax-quick-reference.aspx
Note # html encodes everything by default unless whatever after the # returns an MvcHtmlString.
<% %> in web forms did not html encode, but <%: %> syntax does.
Since .NET 4 its possible to use the <%: %> syntax for HTML Encoding of text.
In a repeater I use the following syntax to display data
<%# DataBinder.Eval(Container.DataItem, "fieldlabel")%>
The only way I know of to encode the output in the repeater is by using "Server.HtmlDecode". Is it possible to use the new <%: %> in a repeater just in combination with databinding so that I can remove the ugly HtlmDecode syntax. Or is an extention method my only option to improved the readability?
As of ASP.NET 4.5 this is possible using the new <%#: %> notation
No it is not possible. The <%# is allowing the evaulation of binding data but it use the basic <% block.
The only thing you can do is recreate the <%: by wrapping your code in Html.Encode.
Eg:
<%# Html.Encode(DataBinder.Eval(Container.DataItem, "fieldlabel")) %>
The <%: is a shortcut and I guess not every variation of the use of the blocks has been captured to include a shortbut. MS probably didn't want to complicate the issue by creating a ton of different symbols to capture the various uses and only support the most common use.
I think the answer is no, based on this question.
Meaning of the various symbols in .aspx page of asp.net
It is possible but need to work more:
Please use below syntax
<asp:Literal ID="fieldlabel" runat="server" Mode="Encode" Text='<%#Eval("fieldlabel")%>"></asp:Literal>
I have maybe very very Simple Question:
Where i can find documentation about expressions and syntax of WebForms view engine?
And what is the difference between
<%: expression %>
and
<%= expression %>
?
in advance thanks for reply
<%: expression %> renders the content with HTML encoding, whereas <%= expression %> renders it as is.
See Scott Guthrie's post New <%: %> Syntax for HTML Encoding Output in ASP.NET 4 (and ASP.NET MVC 2) for more info.
i ve got it:
http://msdn.microsoft.com/en-us/library/fy30at8h(VS.71).aspx
I can't find this info anywhere. Probably because Google is ignoring the keywords. Is there a difference between using <%: and <%= in your aspx page? They seem interchangeable.
<%: %> is a new thing in ASP.NET MVC 2. It is the same as <%= Html.Encode("Text") %>. It is recommended to always use <%: %> unless you have some specific reason to not do so (for example, you are rendering data from some file or database that's already been encoded).
The difference is :
<%= "my <text>" %> will output my <text>, which is incorrect HTML
<%: "my <text>" %> will output my <text>, which is better
More details here
#ntcolonel is right on the money. Additionally, for cases where your data has already been encoded, provide it using anything implementing IHtmlString. This prevents double-encoding, and allows you to always use <%: %>.
I believe that ASP.NET 4 shops should gravitate toward enforcing <%: %> by policy.
Also, the new syntax is for ASP.NET 4 in general; not necessarily just MVC, which is great news for WebForms developers.
I want to learn advanced and basic things about ASP.NET inline scripting like
<img src="<%= Page.ResolveUrl("~")%>Images/Logo.gif"/>
or
<asp:Label ID="lblDesc" runat="server" Text='<%#DataBinder.Eval(Container.DataItem,"Description")%>'></asp:Label>
And so on...
And, what's the difference between <% %> and <%# %> and such stuff?
Where can I find from basic to advanced implementation of those usages?
Check out this article for the specifics of the different inline tag options.
From the article:
<% ... %> -- The most basic inline tag,
basically runs normal code:
<%= ... %> -- Used for small chunks of
information, usually from objects and
single pieces of information
like a single string or int variable:
<%# ... %> -- Used for Binding Expressions;
such as Eval and Bind, most often
found in data controls like GridView,
Repeater, etc.:
<%$ ... %> -- Used for expressions, not code;
often seen with DataSources:
<%# ... %> -- This is for directive syntax;
basically the stuff you see at the top
your your aspx pages like control
registration and page declaration:
<%-- ... %> -- This is a server side comment,
stuff you don't want anyone without
code access to see:
In general, <%#..%> is used for preprocessing a template, such as when databinding, whereby the names of properties of the objects are not known at compile-time. If, for example, you have an ASP.NET Repeater object, and you databind a list of objects to it, this notation is used to pre-populate values that could not be set at any point except during the databind lifecycle.
The other notations, <%..%> and <%=..%> are more standard and you'll see these far more often than the other syntax previously discussed, especially if you use something like ASP.NET MVC instead of ASP.NET Web Forms. The syntax <%..%> executes arbitrary script inline, and nothing more, but allows you to write entire blocks of .NET code such as if statements, while loops, for loops, etc. The syntax <%=..%> is an evaluate-and-write syntax, and is rough equivalent of <% Response.Write([..].ToString()) %>. I.e., <%= myVal %> is the same as <% Response.Write(myVal.ToString()) %>
These syntaxes are basic ASP.NET knowledge.