Passing variable from ASP.net to JavaScript

How to pass a variable from asp.net to JavaScript?

Answers:

Answer

Create a property in your code behind

protected string MyProperty { get { return "your value"; } }

then in javascript

var myValue = "<%= MyProperty %>";
Answer

There are a number of ways:

1 - Write it out in your JavaScript with <%= myVariable %>
2 - Set a cookie server-side and then retrieve the cookie client side
3 - Set a hidden form input to your value
4 - Redirect to your page with the value as a querystring parameter, and then parse the params using JavaScript
5 - Build all your JavaScript server-side, save to a variable, and then write out the variable client-side.
6 - Retrieve the value with an AJAX request

Answer

You can use an ASP.Net HiddenField. You just set its value on the server and retrieve it via javascript when you need it.

Serverside

hdf_Test.Value = "yourValue";

HTML

<asp:HiddenField runat="server" ID="hdf_Test" />

Javascript

document.getElementById('hdf_Test').value
Answer

You can use this in your code behind:

public string json;

you need to give it a value

In your JavaScript you can enter:

<script>
    var myVar = <%=json%>;
</script>
Answer
  1. Use javascript tag

    <script>
        var var1 = @var1;  
        var var2 = @var2;  
    </script>
    
  2. Use hidden field

    <input type="hidden" value="@var1" id="h_var1"/>  
    <input type="hidden" value="@var2" id="h_var2" />`
    

in js

$(function()
{
    var var1 = $("#h_var1").val();
    var var2 = $("#h_var2").val();
}

3.Retrieve data via ajax using json

var var1;
var var2;
    $.get(url,function(result)
    {
        var1 = result.var1; var2 = result.var2;
     }

@var syntax depend of your view engine. It maybe <%= Var1 %>

Answer

If you want to get the string variable equivalent in your code side, this is code:

Example:

string jsString= JsEncoder.JavaScriptEncode("This is an example of C# string to be converted to javascript string",true));

Class Code:

using System;
using System.Collections.Generic;
using System.Globalization;
using System.Text;

namespace stackoverlofw.JavascriptEncoder
{
public class JsEncoder
{
    /// <summary>
    /// Empty string for Java Script context
    /// </summary>
    private const string JavaScriptEmptyString = "''";


    /// <summary>
    /// Initializes character Html encoding array
    /// </summary>
    private static readonly char[][] SafeListCodes = InitializeSafeList();



    /// <summary>
    /// Encodes input strings for use in JavaScript.
    /// </summary>
    /// <param name="input">String to be encoded.</param>
    /// <param name="emitQuotes">value indicating whether or not to emit quotes. true = emit quote. false = no quote.</param>
    /// <returns>
    /// Encoded string for use in JavaScript and does not return the output with en quotes.
    /// </returns>
    /// <remarks>
    /// This function encodes all but known safe characters.  Characters are encoded using \xSINGLE_BYTE_HEX and \uDOUBLE_BYTE_HEX notation.
    /// <newpara/>
    /// Safe characters include:
    /// <list type="table">
    /// <item><term>a-z</term><description>Lower case alphabet</description></item>
    /// <item><term>A-Z</term><description>Upper case alphabet</description></item>
    /// <item><term>0-9</term><description>Numbers</description></item>
    /// <item><term>,</term><description>Comma</description></item>
    /// <item><term>.</term><description>Period</description></item>
    /// <item><term>-</term><description>Dash</description></item>
    /// <item><term>_</term><description>Underscore</description></item>
    /// <item><term> </term><description>Space</description></item>
    /// <item><term> </term><description>Other International character ranges</description></item>
    /// </list>
    /// <newpara/>
    /// Example inputs and encoded outputs:
    /// <list type="table">
    /// <item><term>alert('XSS Attack!');</term><description>'alert\x28\x27XSS Attack\x21\x27\x29\x3b'</description></item>
    /// <item><term>[email protected]</term><description>'user\x40contoso.com'</description></item>
    /// <item><term>Anti-Cross Site Scripting Library</term><description>'Anti-Cross Site Scripting Library'</description></item>
    /// </list>
    /// </remarks>
    public static string JavaScriptEncode(string input, bool emitQuotes)
    {
        // Input validation: empty or null string condition
        if (string.IsNullOrEmpty(input))
        {
            return emitQuotes ? JavaScriptEmptyString : string.Empty;
        }

        // Use a new char array.
        int outputLength = 0;
        int inputLength = input.Length;
        char[] returnMe = new char[inputLength * 8]; // worst case length scenario

        // First step is to start the encoding with an apostrophe if flag is true.
        if (emitQuotes)
        {
            returnMe[outputLength++] = '\'';
        }

        for (int i = 0; i < inputLength; i++)
        {
            int currentCharacterAsInteger = input[i];
            char currentCharacter = input[i];
            if (SafeListCodes[currentCharacterAsInteger] != null || currentCharacterAsInteger == 92 || (currentCharacterAsInteger >= 123 && currentCharacterAsInteger <= 127))
            {
                // character needs to be encoded
                if (currentCharacterAsInteger >= 127)
                {
                    returnMe[outputLength++] = '\\';
                    returnMe[outputLength++] = 'u';
                    string hex = ((int)currentCharacter).ToString("x", CultureInfo.InvariantCulture).PadLeft(4, '0');
                    returnMe[outputLength++] = hex[0];
                    returnMe[outputLength++] = hex[1];
                    returnMe[outputLength++] = hex[2];
                    returnMe[outputLength++] = hex[3];
                }
                else
                {
                    returnMe[outputLength++] = '\\';
                    returnMe[outputLength++] = 'x';
                    string hex = ((int)currentCharacter).ToString("x", CultureInfo.InvariantCulture).PadLeft(2, '0');
                    returnMe[outputLength++] = hex[0];
                    returnMe[outputLength++] = hex[1];
                }
            }
            else
            {
                // character does not need encoding
                returnMe[outputLength++] = input[i];
            }
        }

        // Last step is to end the encoding with an apostrophe if flag is true.
        if (emitQuotes)
        {
            returnMe[outputLength++] = '\'';
        }

        return new string(returnMe, 0, outputLength);
    }




    /// <summary>
    /// Initializes the safe list.
    /// </summary>
    /// <returns>A two dimensional character array containing characters and their encoded values.</returns>
    [System.Diagnostics.CodeAnalysis.SuppressMessage("Microsoft.Maintainability", "CA1502:AvoidExcessiveComplexity", Justification = "This is necessary complexity.")]
    private static char[][] InitializeSafeList()
    {
        char[][] allCharacters = new char[65536][];
        for (int i = 0; i < allCharacters.Length; i++)
        {
            if (
                (i >= 97 && i <= 122) ||        // a-z
                (i >= 65 && i <= 90) ||         // A-Z
                (i >= 48 && i <= 57) ||         // 0-9
                i == 32 ||                      // space
                i == 46 ||                      // .
                i == 44 ||                      // ,
                i == 45 ||                      // -
                i == 95 ||                      // _
                (i >= 256 && i <= 591) ||       // Latin,Extended-A,Latin Extended-B        
                (i >= 880 && i <= 2047) ||      // Greek and Coptic,Cyrillic,Cyrillic Supplement,Armenian,Hebrew,Arabic,Syriac,Arabic,Supplement,Thaana,NKo
                (i >= 2304 && i <= 6319) ||     // Devanagari,Bengali,Gurmukhi,Gujarati,Oriya,Tamil,Telugu,Kannada,Malayalam,Sinhala,Thai,Lao,Tibetan,Myanmar,eorgian,Hangul Jamo,Ethiopic,Ethiopic Supplement,Cherokee,Unified Canadian Aboriginal Syllabics,Ogham,Runic,Tagalog,Hanunoo,Buhid,Tagbanwa,Khmer,Mongolian   
                (i >= 6400 && i <= 6687) ||     // Limbu, Tai Le, New Tai Lue, Khmer, Symbols, Buginese
                (i >= 6912 && i <= 7039) ||     // Balinese         
                (i >= 7680 && i <= 8191) ||     // Latin Extended Additional, Greek Extended        
                (i >= 11264 && i <= 11743) ||   // Glagolitic, Latin Extended-C, Coptic, Georgian Supplement, Tifinagh, Ethiopic Extended    
                (i >= 12352 && i <= 12591) ||   // Hiragana, Katakana, Bopomofo       
                (i >= 12688 && i <= 12735) ||   // Kanbun, Bopomofo Extended        
                (i >= 12784 && i <= 12799) ||   // Katakana, Phonetic Extensions         
                (i >= 19968 && i <= 40899) ||   // Mixed japanese/chinese/korean
                (i >= 40960 && i <= 42191) ||   // Yi Syllables, Yi Radicals        
                (i >= 42784 && i <= 43055) ||   // Latin Extended-D, Syloti, Nagri        
                (i >= 43072 && i <= 43135) ||   // Phags-pa         
                (i >= 44032 && i <= 55215) /* Hangul Syllables */)
            {
                allCharacters[i] = null;
            }
            else
            {
                string integerStringValue = i.ToString(CultureInfo.InvariantCulture);
                int integerStringLength = integerStringValue.Length;
                char[] thisChar = new char[integerStringLength];
                for (int j = 0; j < integerStringLength; j++)
                {
                    thisChar[j] = integerStringValue[j];
                }

                allCharacters[i] = thisChar;
            }
        }

        return allCharacters;
    }
}
}
Answer

In HTML:

<script type="text/javascript">
  alert(<%=Greetings()%>);
</script>

In code behind:

protected string Greetings()
{
    return Microsoft.Security.Application.AntiXss.JavaScriptEncode("Hello World!");
}

AntiXss Library

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.