(Quick Reference)

6.2.1 GSP基础 - Reference Documentation

Authors: Graeme Rocher, Peter Ledbrook, Marc Palmer, Jeff Brown, Luke Daley, Burt Beckwith

Version: null

6.2.1 GSP基础

In the next view sections we'll go through the basics of GSP and what is available to you. First off let's cover some basic syntax that users of JSP and ASP should be familiar with.

GSP supports the usage of <% %> scriptlet blocks to embed Groovy code (again this is discouraged):

<html>
   <body>
     <% out << "Hello GSP!" %>
   </body>
</html>

You can also use the <%= %> syntax to output values:

<html>
   <body>
     <%="Hello GSP!" %>
   </body>
</html>

GSP also supports JSP-style server-side comments (which are not rendered in the HTML response) as the following example demonstrates:

<html>
   <body>
     <%-- This is my comment --%>
     <%="Hello GSP!" %>
   </body>
</html>

在下一个视图章节中,我们将涉及GSP的基础部分以及那些是你所需的。本节首先简单介绍一些基础的语法,对于JSP和ASP用户来说,这些应该都很熟悉。

GSP支持内嵌Groovy代码的用法(再次强调,不提倡这样用)是通过<% %>的脚本代码块的来实现的,比如:

<html>
   <body>
     <% out << "Hello GSP!" %>
   </body>
</html>

你也可以使用<%= %>的语法来输出:

<html>
   <body>
     <%="Hello GSP!" %>
   </body>
</html>

GSP也支持JSP风格的服务器端注释(其将不会被渲染到HTML响应中),比如:

<html>
   <body>
     <%-- This is my comment --%>
     <%="Hello GSP!" %>
   </body>
</html>

6.2.1.1 变量和作用域

Within the <% %> brackets you can declare variables:

<% now = new Date() %>

and then access those variables later in the page:

<%=now%>

Within the scope of a GSP there are a number of pre-defined variables, including:

<% %>内,你可以声明变量:

<% now = new Date() %>

然后在页面中访问使用这些变量:

<%=now%>

在GSP的作用域内,已经存在一些预定义的变量,它们是:

6.2.1.2 逻辑和迭代

Using the <% %> syntax you can embed loops and so on using this syntax:

<html>
   <body>
      <% [1,2,3,4].each { num -> %>
         <p><%="Hello ${num}!" %></p>
      <%}%>
   </body>
</html>

As well as logical branching:

<html>
   <body>
      <% if (params.hello == 'true')%>
      <%="Hello!"%>
      <% else %>
      <%="Goodbye!"%>
   </body>
</html>

使用<% %>语法你可以内嵌循环之类的用法,其语法如下:

<html>
   <body>
      <% [1,2,3,4].each { num -> %>
         <p><%="Hello ${num}!" %></p>
      <%}%>
   </body>
</html>

同理,逻辑判断如下:

<html>
   <body>
      <% if (params.hello == 'true')%>
      <%="Hello!"%>
      <% else %>
      <%="Goodbye!"%>
   </body>
</html>

6.2.1.3 页面指令

GSP also supports a few JSP-style page directives.

The import directive lets you import classes into the page. However, it is rarely needed due to Groovy's default imports and GSP Tags:

<%@ page import="java.awt.*" %>

GSP also supports the contentType directive:

<%@ page contentType="text/json" %>

The contentType directive allows using GSP to render other formats.

GSP也支持一些JSP风格的页面指令。

import指令可以让你将Java类导入到页面中。但是它应该很少使用,因为已经有Groovy缺省导入和GSP标签

<%@ page import="java.awt.*" %>

GSP也支持contentType指令:

<%@ page contentType="text/json" %>

contentType指令允许将GSP渲染为其他格式。

6.2.1.4 表达式

In GSP the <%= %> syntax introduced earlier is rarely used due to the support for GSP expressions. A GSP expression is similar to a JSP EL expression or a Groovy GString and takes the form ${expr}:

<html>
  <body>
    Hello ${params.name}
  </body>
</html>

However, unlike JSP EL you can have any Groovy expression within the ${..} block. Variables within the ${..} block are not escaped by default, so any HTML in the variable's string is rendered directly to the page. To reduce the risk of Cross-site-scripting (XSS) attacks, you can enable automatic HTML escaping with the grails.views.default.codec setting in grails-app/conf/Config.groovy:

grails.views.default.codec='html'

Other possible values are 'none' (for no default encoding) and 'base64'.

在GSP中,一开始所介绍的<%= %>语法是很少被应用于GSP表达式的。一个GSP表达式类似于JSP EL表达式或者Groovy GString,使用的是${expr}形式:

<html>
  <body>
    Hello ${params.name}
  </body>
</html>

尽管如此,跟JSP EL不同的是,你可以在${..}代码块中使用任意Groovy表达式。${..}块中的变量缺省是 被转义的,因此变量中字符串将会直接被渲染到页面HTML。要减少这种Cross-site-scripting (XSS)攻击风险,你可以使用自动HTML转义来避免,只需要在grails-app/conf/Config.groovy中配置grails.views.default.codec即可:

grails.views.default.codec='html'

其他可选的值是'none' (用于没有缺省编码情况)和'base64'.