题
I'm currently working through several forms with outputs to the user and I've successfully applied the #esapiEncoder.encodeForHTML()# without issue thus far but I'm thrown as to whether this is the correct way of typing out an encode when DecimalFormat is part of it.
https://stackoverflow.com/questions/16689127
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian#esapiEncoder.encodeForHTML(DecimalFormat(hrsTotalLeave))#
Would that be the correct method? Or is it:
#DecimalFomat(esapiEncoder.encodeForHTML(hrsTotalleave))#
This page is using ColdFusion if that helps at all.
解决方案
I believe that you want to encode your values at the outermost level, so #esapiEncoder.encodeForHTML(DecimalFormat(hrsTotalLeave))# would be the way to go.
Using your second example and attempting to use format functions on encoded strings will potentially lead to issues as well.
