JSF 2.0: incluye una etiqueta de secuencia de comandos con un signo comercial en la URL

I'm trying to include the Google Maps API script:

<script src="https://maps.googleapis.com/maps/api/js?v=3&sensor=false" type="text/javascript"></script>

The problem is that the ampersand character causes an XML parsing error. If I do this:

<script src="https://maps.googleapis.com/maps/api/js?v=3&amp;sensor=false" type="text/javascript"></script>

it is returned verbatim.

Any idea how to get the intended script tag in the resulting page?

preguntado el 27 de agosto de 11 a las 15:08

What do you mean with "it is returned verbatim"? It is perfectly valid (even more, it's required as per HTML spec! all browsers are too forgiving in this) to use &amp; to separate parameters in links with a query string. -

As usual, you're right BalusC. When it was being returned verbatim, there must have been some other error that was causing the map not to load. Now that it works, I have reverted from the ugly hack and it all still works. -

3 Respuestas

The problem is that the ampersand character causes an XML parsing error. If I do this:

<script src="https://maps.googleapis.com/maps/api/js?v=3&amp;sensor=false" type="text/javascript"></script>

it is returned verbatim.

It shouldn't. It's perfectly valid. Even more, it's required as per the HTML spec to use &amp; to separate multiple parameters in query strings in any HTML element's href y src attribute. Your verbatim problem is caused by something else.

Respondido el 20 de junio de 20 a las 12:06

I don't like this one little bit, but at least it works:

<h:outputText value="&lt;script src=&quot;https://maps.googleapis.com/maps/api/js?v=3&amp;sensor=false&quot; type=&quot;text/javascript&quot;&gt;&lt;/script&gt;"/>

I'll leave this unaccepted in case someone has a cleaner solution.

Respondido 27 ago 11, 19:08

I've tested what Steve Taylor suggested and it didn't work for me at first. It was painting the & and " string without encoding the characters, and so the script tag wasn't being considered as that, but as a regular text string. Then i tried passing a escape="false" attribute to the h:outputText tab and voilá! Worked like a charm. Not the cleanest solution around, that's for sure, but it's the only one that has worked for me so far.

Respondido el 25 de junio de 13 a las 15:06

You should just not be using <h:outputText> in first place :) - BalusC

If you read the comments in the question, you will realise that there was another problem. I was mistaken about the problem I had described. - Distortum

I know, but in my case I was using the url as a string, passed as GET parameter to an asynchronous call after being UTF8-encoded, not to be rendered as HTML. It was pretty crucial that the HTML-encoded characters were not returned verbatim. And your workaround worked just fine :-) - Bartserk

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.