In ASP.NET 4.0
should I use new syntax <%: expression %> or 2.0 <%= HttpUtility.HtmlEncode(expression) %>
Less keystrokes, less chance to make a mistake, easier to read => use the first option.
That's sort of like asking if you should do this:
<%= DateTime.Now %>
or this
<% Response.Write(DateTime.Now) %>
There's no right answer, but one certainly looks better to me.
Related
I'm just wondering, the only difference I know is that the <%= symbols generates any possible html tags that's included with the string your planning to display, while <%: just display what the string exactly look like. If anyone can help me with this, I will greatly appreciate it.
Pretty good explanation from Scott Gu - New <%: %> Syntax for HTML Encoding Output in ASP.NET 4 (and ASP.NET MVC 2)
Excerpt:
ASP.NET applications (especially those using ASP.NET MVC) often rely on using <%= %> code-nugget expressions to render output. Developers today often use the Server.HtmlEncode() or HttpUtility.Encode() helper methods within these expressions to HTML encode the output before it is rendered. This can be done using code like below:
<div>
<%= Server.HtmlEncode(Model.Content) %>
</div>
While this works fine, there are two downsides of it:
It is a little verbose
Developers often forget to call the Server.HtmlEncode method – and there is no easy way to verify its usage across an app
New <%: %> Code Nugget Syntax
With ASP.NET 4 we are introducing a new code expression syntax (<%: %>) that renders output like <%= %> blocks do – but which also automatically HTML encodes it before doing so. This eliminates the need to explicitly HTML encode content like we did in the example above. Instead, you can just write the more concise code below to accomplish the exact same thing:
<div>
<%: Model.Content %>
</div>
The two inline code tags are essentialy the same, the only difference being that <%: %> will automatically use encoding. So this:
<%: myText %>
is equivalent to this:
<%= Html.Encode(myText) %>
The former is recommended.
<%: is HtmlEncoded. Code Nuggets for asp.net
With ASP.NET 4 we are introducing a new code expression syntax (<%: %>) that renders output like <%= %> blocks do – but which also automatically HTML encodes it before doing so.
From Scott Gu blog:
With ASP.NET 4 we are introducing a new code expression syntax (<%:
%>) that renders output like <%= %> blocks do – but which also
automatically HTML encodes it before doing so. This eliminates the
need to explicitly HTML encode content like we did in the example
above. Instead, you can just write the more concise code below to
accomplish the exact same thing:
http://weblogs.asp.net/scottgu/archive/2010/04/06/new-lt-gt-syntax-for-html-encoding-output-in-asp-net-4-and-asp-net-mvc-2.aspx
I have a Page, this Page has many, one or no comments.
At one point i'd like to display only the number of comments without iterating through all of them. However due to translation it needs to be distinguished between two Plural Versions of the comment count, so a simple call of $Comment.Count is out. Since the translator component does not seem to have pluralization support whatsoever, i need to do it on the template level.
So far all i got is this:
<% if Comments %>
<% control Comments %>
<span class="comments">
<% if Count == 1 %> ein Kommentar<% else %>$Count Kommentare<% end_if %></span>
<% end_control %>
<% end_if %>
This works but repeats Count-Times. Is there a workaround for this? Im aware of the possibility to create a function in my Page class like
function CommentCount(){
return $this->Comments->Count();
}
but this feels a little bit tedious.
I made a litle Decorator as this kind of thing was annoying me.
It's perhaps a bit heavyweight for such a small thing, but you could easily extend it to provide what you need.
Basically it adds a method to DataObjectSet so you can do:
$Comments.Count $Comments.Plural(SingularWord, PluralWord)
Currently if you don't provide PluralWord it will try to guess a plural using typical english spelling changes.
Code is here:
https://github.com/lingo/silverstripe-bits-and-bobs/blob/master/code/Pluraliser.php
Help and readme are here:
https://github.com/lingo/silverstripe-bits-and-bobs/
From the top of my head - it should work, but I'm not sure if there wasn't a problem with statements like these:
<% if Comments.TotalItems == 1 %>Singular<% else %>Plural (inklusive 0)<% end_if %>
Alternatively you could build something like this (also untested, if it doesn't work, comment and I'll try to fix it):
<% if Comments %>
<% control Comments %>
<% if TotalItems == 1 %>
Singular
<% else %>
Plural
<% end_if %>
<% end_control %>
<% else %>
0
<% end_if %>
However, that's pretty ugly and bloated (besides having to repeat the plural piece for 0). I'd prefer a method like SingleComment(), returning true for 1 entry and false for 0 or more as it's IMHO clearer.
It seems I am missing something. But ever since .Net 4.0 came out I have been seeing reference to <%: %> syntax for ASP.NET. It seems like it is similar to <%= %> but clearly there is a reason for the new syntax. I tried google but searching <%: %> doesn't seem to return anything. What does the <%: %> syntax do? Was it introduced in .Net 4.0 or 3.5? Can someone enlighten me?
Edited: Please provide reference or examples
i believe the <%: %> is auto HtmlEncoding
this post from Scott Gu will help to explain - it was introduced in .net 4 and MVC2
http://weblogs.asp.net/scottgu/archive/2010/04/06/new-lt-gt-syntax-for-html-encoding-output-in-asp-net-4-and-asp-net-mvc-2.aspx
: does html encoding.
Scott Guthrie has a nice post describing it in detail.
Don't use this where it is already encoded otherwise it will double encoded it. This is useful if you want to output things like HTML, though.
I have maybe very very Simple Question:
Where i can find documentation about expressions and syntax of WebForms view engine?
And what is the difference between
<%: expression %>
and
<%= expression %>
?
in advance thanks for reply
<%: expression %> renders the content with HTML encoding, whereas <%= expression %> renders it as is.
See Scott Guthrie's post New <%: %> Syntax for HTML Encoding Output in ASP.NET 4 (and ASP.NET MVC 2) for more info.
i ve got it:
http://msdn.microsoft.com/en-us/library/fy30at8h(VS.71).aspx
I can't find this info anywhere. Probably because Google is ignoring the keywords. Is there a difference between using <%: and <%= in your aspx page? They seem interchangeable.
<%: %> is a new thing in ASP.NET MVC 2. It is the same as <%= Html.Encode("Text") %>. It is recommended to always use <%: %> unless you have some specific reason to not do so (for example, you are rendering data from some file or database that's already been encoded).
The difference is :
<%= "my <text>" %> will output my <text>, which is incorrect HTML
<%: "my <text>" %> will output my <text>, which is better
More details here
#ntcolonel is right on the money. Additionally, for cases where your data has already been encoded, provide it using anything implementing IHtmlString. This prevents double-encoding, and allows you to always use <%: %>.
I believe that ASP.NET 4 shops should gravitate toward enforcing <%: %> by policy.
Also, the new syntax is for ASP.NET 4 in general; not necessarily just MVC, which is great news for WebForms developers.