转自https://my.oschina.net/u/2312080/blog/2878183

异常

严重: Servlet.service() for servlet [DispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateInputException: An error happened during template parsing (template: "ServletContext resource [/WEB-INF/templates//merchant/detail.html]")] with root cause

org.thymeleaf.exceptions.TemplateProcessingException: Only variable expressions returning numbers or booleans are allowed in this context, any other datatypes are not trusted in the context of this expression, including Strings or any other object that could be rendered as a text literal. A typical case is HTML attributes for event handlers (e.g. "onload"), in which textual data from variables should better be output to "data-*" attributes and then read from the event handler. (template: "/merchant/detail" - line 188, col 41)

	at org.thymeleaf.standard.expression.VariableExpression.executeVariableExpression(VariableExpression.java:181)

	at org.thymeleaf.standard.expression.SimpleExpression.executeSimple(SimpleExpression.java:66)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:109)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:96)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:138)

	at org.thymeleaf.standard.processor.StandardDOMEventAttributeTagProcessor.doProcess(StandardDOMEventAttributeTagProcessor.java:214)

	at org.thymeleaf.processor.element.AbstractAttributeTagProcessor.doProcess(AbstractAttributeTagProcessor.java:74)

	at org.thymeleaf.processor.element.AbstractElementTagProcessor.process(AbstractElementTagProcessor.java:95)

	at org.thymeleaf.util.ProcessorConfigurationUtils$ElementTagProcessorWrapper.process(ProcessorConfigurationUtils.java:633)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1314)

	at org.thymeleaf.engine.OpenElementTag.beHandled(OpenElementTag.java:205)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.Model.process(Model.java:290)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.processIterationModel(IteratedGatheringModelProcessable.java:367)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.process(IteratedGatheringModelProcessable.java:221)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleCloseElement(ProcessorTemplateHandler.java:1640)

	at org.thymeleaf.engine.CloseElementTag.beHandled(CloseElementTag.java:139)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleStandaloneElement(ProcessorTemplateHandler.java:1204)

	at org.thymeleaf.engine.StandaloneElementTag.beHandled(StandaloneElementTag.java:228)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1587)

	at org.thymeleaf.engine.TemplateHandlerAdapterMarkupHandler.handleOpenElementEnd(TemplateHandlerAdapterMarkupHandler.java:304)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler$InlineMarkupAdapterPreProcessorHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:278)

	at org.thymeleaf.standard.inline.OutputExpressionInlinePreProcessorHandler.handleOpenElementEnd(OutputExpressionInlinePreProcessorHandler.java:186)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:124)

	at org.attoparser.HtmlElement.handleOpenElementEnd(HtmlElement.java:109)

	at org.attoparser.HtmlMarkupHandler.handleOpenElementEnd(HtmlMarkupHandler.java:297)

	at org.attoparser.MarkupEventProcessorHandler.handleOpenElementEnd(MarkupEventProcessorHandler.java:402)

	at org.attoparser.ParsingElementMarkupUtil.parseOpenElement(ParsingElementMarkupUtil.java:159)

	at org.attoparser.MarkupParser.parseBuffer(MarkupParser.java:710)

	at org.attoparser.MarkupParser.parseDocument(MarkupParser.java:301)

	at org.attoparser.MarkupParser.parse(MarkupParser.java:257)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parse(AbstractMarkupTemplateParser.java:230)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parseStandalone(AbstractMarkupTemplateParser.java:100)

	at org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1098)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072)

	at org.thymeleaf.spring4.view.ThymeleafView.renderFragment(ThymeleafView.java:360)

	at org.thymeleaf.spring4.view.ThymeleafView.render(ThymeleafView.java:192)

	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1286)

	at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1041)

	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:984)

	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)

	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)

	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)

	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)

	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at com.joinpay.cb.common.filter.RepeatedlyReadFilter.doFilter(RepeatedlyReadFilter.java:51)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)

	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)

	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)

	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)

	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)

	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)

	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)

	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)

	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)

	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

	at java.lang.Thread.run(Thread.java:748)

原因

3.x版本的thymeleaf为了防止注入攻击,升级了安全机制

解决

修改前

<button th:onclick="'javascript:del(this,\''+${quartzInfo.id}+'\');'" type="button"></button>

修改后

<button th:data-id="${quartzInfo.id}" onclick="del(this,this.getAttribute('data-id'))" type="button"></button>

thymeleaf的onclick标签传参异常的更多相关文章

  1. JS中onclick事件传参

    美术馆案例中,需要将“增加一个img标签,放入大图片”这样一个函数封装,但是在调用的时候需要传参. <script type="text/javascript"> on ...

  2. 枚举|标志枚举+|(或)和&(与)运算|类型转换|值类型和引用类型|传参|异常|垃圾回收

    枚举部分 enum 关键字用于声明枚举,即一种由一组称为枚举数列表的命名常量组成的独特类型. 通常情况下,最好是在命名空间内直接定义枚举,以便该命名空间中的所有类都能够同样方便地访问它. 但是,还可以 ...

  3. thymeleaf模板使用th:onclick进行传参

    错误的写法: th:onclick="'javascript:editUser('+${prod.id}+');'" 正确的写法: th:onclick="'javasc ...

  4. jQuery 事件函数传参异常identifier starts immediately after numeric literal

    问题情境: var arr=[aabbcc,112233]; var html = ""; for(var i =0;i<arr.length;i++){ html += ' ...

  5. js中的onclick事件传参需要注意的问题

    如果参数是数值类型可以直接传,如果是字符串类型需要在字符串前后加上双引号,双引号需要转义 如 onclick="test(0)";  直接传值 参数为数值 onclick=&quo ...

  6. [2019/05/17]解决springboot测试List接口时JSON传参异常

    报错信息,大致如下 c.c.c.c.a.BaseControllerExceptionHandler : 运行时异常: java.lang.IllegalStateException: No prim ...

  7. js onclick事件传参

    传字符串参数 var html = "<a href='#' onclick='onedit(""+ row.name + "")';>编 ...

  8. 关于js中onclick字符串传参问题

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

  9. 关于js中onclick字符串传参问题(html="")

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

随机推荐

  1. CGPoint、CGSize、CGRect、CGRectEdge的详细使用

    http://blog.sina.com.cn/s/blog_953e22700101r7lz.html 在CGGeometry.h里的 CGPoint.CGSize.CGRect.CGRectEdg ...

  2. 工作中使用case用法小结

    五证合一sql语法解决办法 工作的时候,数据库里面存储某张表里面证件号码存储在不同的字段下面,然后前台需要写一个查询语句,根据数据库里面存储证件号码查询该条数据. 实际情况如下 有些部门上传数据,不是 ...

  3. Nginx 11阶段的顺序处理

    L49

  4. P1033 自由落体

    原题链接 https://www.luogu.org/problemnew/show/P1033 不得不说,这个题太坑了!!!主要是题目说得不明确...... 先来看图: 看一下用红圈圈起来的部分,就 ...

  5. 解决js复制在安卓和ios兼容问题

    var clipboard = new ClipboardJS('.fr', { // target: function() { // return document.querySelector('d ...

  6. building tool的简单了解

    java常用的三种构建工具: Apache Maven ——主要用于构建Java项目的自动化工具. NetBeans IDE 支持 Maven 构建系统,可帮助您管理项目的依赖关系.构建.报告和文档. ...

  7. HTML多图片压缩上传

    本文介绍的是多张图片在前端统一压缩后再通过ajax提交给后台处理的业务,使用到的是LocalResizeIMG.js插件. 一.首先介绍项目结构 二.分享引用核心文件,这里没有分享CSS文件,因为没有 ...

  8. 第三节: EF调用普通SQL语句的两类封装(ExecuteSqlCommand和SqlQuery )

    一. 前言 在前面的两个章节中,我们分别详细介绍了EF的增删改的两种方式(方法和状态)和EF查询的两种方式( Lambda和Linq ),进行到这里,可以说对于EF,已经入门了,本来应该继续往下进行E ...

  9. 页面加载过渡页 loading plugin css

    是前文 plugin 示例 loading 中需要用到的样式.现在样式扩充为 5类.loadtwo 使用到了bgimg /*loading animation loading one*/ /* loa ...

  10. Newton's Dark Secrets《牛顿探索》

    1643年1月4日,在英格兰林肯郡小镇沃尔索浦的一个自耕农家庭里,牛顿诞生了.牛顿是一个早产儿,出生时只有三磅重,接生婆和他的亲人都担心他能否活下来.谁也没有料到这个看起来微不足道的小东西会成为了一位 ...