转自https://my.oschina.net/u/2312080/blog/2878183

异常

严重: Servlet.service() for servlet [DispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateInputException: An error happened during template parsing (template: "ServletContext resource [/WEB-INF/templates//merchant/detail.html]")] with root cause

org.thymeleaf.exceptions.TemplateProcessingException: Only variable expressions returning numbers or booleans are allowed in this context, any other datatypes are not trusted in the context of this expression, including Strings or any other object that could be rendered as a text literal. A typical case is HTML attributes for event handlers (e.g. "onload"), in which textual data from variables should better be output to "data-*" attributes and then read from the event handler. (template: "/merchant/detail" - line 188, col 41)

	at org.thymeleaf.standard.expression.VariableExpression.executeVariableExpression(VariableExpression.java:181)

	at org.thymeleaf.standard.expression.SimpleExpression.executeSimple(SimpleExpression.java:66)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:109)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:96)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:138)

	at org.thymeleaf.standard.processor.StandardDOMEventAttributeTagProcessor.doProcess(StandardDOMEventAttributeTagProcessor.java:214)

	at org.thymeleaf.processor.element.AbstractAttributeTagProcessor.doProcess(AbstractAttributeTagProcessor.java:74)

	at org.thymeleaf.processor.element.AbstractElementTagProcessor.process(AbstractElementTagProcessor.java:95)

	at org.thymeleaf.util.ProcessorConfigurationUtils$ElementTagProcessorWrapper.process(ProcessorConfigurationUtils.java:633)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1314)

	at org.thymeleaf.engine.OpenElementTag.beHandled(OpenElementTag.java:205)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.Model.process(Model.java:290)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.processIterationModel(IteratedGatheringModelProcessable.java:367)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.process(IteratedGatheringModelProcessable.java:221)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleCloseElement(ProcessorTemplateHandler.java:1640)

	at org.thymeleaf.engine.CloseElementTag.beHandled(CloseElementTag.java:139)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleStandaloneElement(ProcessorTemplateHandler.java:1204)

	at org.thymeleaf.engine.StandaloneElementTag.beHandled(StandaloneElementTag.java:228)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1587)

	at org.thymeleaf.engine.TemplateHandlerAdapterMarkupHandler.handleOpenElementEnd(TemplateHandlerAdapterMarkupHandler.java:304)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler$InlineMarkupAdapterPreProcessorHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:278)

	at org.thymeleaf.standard.inline.OutputExpressionInlinePreProcessorHandler.handleOpenElementEnd(OutputExpressionInlinePreProcessorHandler.java:186)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:124)

	at org.attoparser.HtmlElement.handleOpenElementEnd(HtmlElement.java:109)

	at org.attoparser.HtmlMarkupHandler.handleOpenElementEnd(HtmlMarkupHandler.java:297)

	at org.attoparser.MarkupEventProcessorHandler.handleOpenElementEnd(MarkupEventProcessorHandler.java:402)

	at org.attoparser.ParsingElementMarkupUtil.parseOpenElement(ParsingElementMarkupUtil.java:159)

	at org.attoparser.MarkupParser.parseBuffer(MarkupParser.java:710)

	at org.attoparser.MarkupParser.parseDocument(MarkupParser.java:301)

	at org.attoparser.MarkupParser.parse(MarkupParser.java:257)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parse(AbstractMarkupTemplateParser.java:230)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parseStandalone(AbstractMarkupTemplateParser.java:100)

	at org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1098)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072)

	at org.thymeleaf.spring4.view.ThymeleafView.renderFragment(ThymeleafView.java:360)

	at org.thymeleaf.spring4.view.ThymeleafView.render(ThymeleafView.java:192)

	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1286)

	at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1041)

	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:984)

	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)

	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)

	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)

	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)

	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at com.joinpay.cb.common.filter.RepeatedlyReadFilter.doFilter(RepeatedlyReadFilter.java:51)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)

	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)

	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)

	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)

	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)

	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)

	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)

	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)

	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)

	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

	at java.lang.Thread.run(Thread.java:748)

原因

3.x版本的thymeleaf为了防止注入攻击,升级了安全机制

解决

修改前

<button th:onclick="'javascript:del(this,\''+${quartzInfo.id}+'\');'" type="button"></button>

修改后

<button th:data-id="${quartzInfo.id}" onclick="del(this,this.getAttribute('data-id'))" type="button"></button>

thymeleaf的onclick标签传参异常的更多相关文章

  1. JS中onclick事件传参

    美术馆案例中,需要将“增加一个img标签,放入大图片”这样一个函数封装,但是在调用的时候需要传参. <script type="text/javascript"> on ...

  2. 枚举|标志枚举+|(或)和&(与)运算|类型转换|值类型和引用类型|传参|异常|垃圾回收

    枚举部分 enum 关键字用于声明枚举,即一种由一组称为枚举数列表的命名常量组成的独特类型. 通常情况下,最好是在命名空间内直接定义枚举,以便该命名空间中的所有类都能够同样方便地访问它. 但是,还可以 ...

  3. thymeleaf模板使用th:onclick进行传参

    错误的写法: th:onclick="'javascript:editUser('+${prod.id}+');'" 正确的写法: th:onclick="'javasc ...

  4. jQuery 事件函数传参异常identifier starts immediately after numeric literal

    问题情境: var arr=[aabbcc,112233]; var html = ""; for(var i =0;i<arr.length;i++){ html += ' ...

  5. js中的onclick事件传参需要注意的问题

    如果参数是数值类型可以直接传,如果是字符串类型需要在字符串前后加上双引号,双引号需要转义 如 onclick="test(0)";  直接传值 参数为数值 onclick=&quo ...

  6. [2019/05/17]解决springboot测试List接口时JSON传参异常

    报错信息,大致如下 c.c.c.c.a.BaseControllerExceptionHandler : 运行时异常: java.lang.IllegalStateException: No prim ...

  7. js onclick事件传参

    传字符串参数 var html = "<a href='#' onclick='onedit(""+ row.name + "")';>编 ...

  8. 关于js中onclick字符串传参问题

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

  9. 关于js中onclick字符串传参问题(html="")

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

随机推荐

  1. Zookeeper连接eclipse

    package com.bw.ZK; import java.io.IOException; import org.apache.zookeeper.CreateMode; import org.ap ...

  2. JMeter配置好环境变量后无法启动---翻车笔记

    双击jmeter.bat出现下图情况 手欠了win7中配置 path无意中多删了变量 解决方法:在计算机-属性-高级系统设置-环境变量Path中添加 %SystemRoot%/system32;%Sy ...

  3. lr 函数--lr_save_string

    lr_eval_string   返回脚本中一个参数当前的值 Returns the string argument after evaluating embedded parameters.一般都用 ...

  4. a = a + 1, a++, ++a ,a+=1区别在哪

    a = a +1; 即最普通的写法,将a的值加1再赋给a:a+=1; 相当于 a = a+1; a++; 是先将a的值赋给一个变量, 再自增: ++a:是先自增, 再把a的值给一个变量

  5. Working with PDF files in C# using PdfBox and IKVM

    I have found two primary libraries for programmatically manipulating PDF files;  PdfBox and iText. T ...

  6. linux 定时下载github最新代码

    场景:网站的代码在github上托管,静态网站部署在服务器上,每次自己修改完本地代码后,提交到github上,需要自己去服务器上执行git pull 拉取最新代码, 为了解决这种操作,自己再服务器上  ...

  7. 【LOJ6067】【2017 山东一轮集训 Day3】第三题 FFT

    [LOJ6067][2017 山东一轮集训 Day3]第三题 FFT 题目大意 给你 \(n,b,c,d,e,a_0,a_1,\ldots,a_{n-1}\),定义 \[ \begin{align} ...

  8. Magento2 API 服务合同设计模式 依赖注入 介绍

    公共接口和API 什么是公共界面? 一个公共接口是一组代码,第三方开发者可以调用,实现或构建一个 插件 .Magento保证在没有重大版本更改的情况下,此代码在后续版本中不会更改. 模块的公共接口 标 ...

  9. FreeNAS系统总结

    FreeNAS简介 FreeNAS是一套免费的NAS服务器,它能将一部普通PC变成网络存储服务器.该软件基于FreeBSD,Samba 及PHP,支持CIFS (samba), FTP, NFS pr ...

  10. Eclipse之JSP页面的使用

    Eclipse之JSP页面的使用 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.使用Eclipse创建JSP文件 1>.点击new file,选择jsp File 2&g ...