转自https://my.oschina.net/u/2312080/blog/2878183

异常

严重: Servlet.service() for servlet [DispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateInputException: An error happened during template parsing (template: "ServletContext resource [/WEB-INF/templates//merchant/detail.html]")] with root cause

org.thymeleaf.exceptions.TemplateProcessingException: Only variable expressions returning numbers or booleans are allowed in this context, any other datatypes are not trusted in the context of this expression, including Strings or any other object that could be rendered as a text literal. A typical case is HTML attributes for event handlers (e.g. "onload"), in which textual data from variables should better be output to "data-*" attributes and then read from the event handler. (template: "/merchant/detail" - line 188, col 41)

	at org.thymeleaf.standard.expression.VariableExpression.executeVariableExpression(VariableExpression.java:181)

	at org.thymeleaf.standard.expression.SimpleExpression.executeSimple(SimpleExpression.java:66)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:109)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:96)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:138)

	at org.thymeleaf.standard.processor.StandardDOMEventAttributeTagProcessor.doProcess(StandardDOMEventAttributeTagProcessor.java:214)

	at org.thymeleaf.processor.element.AbstractAttributeTagProcessor.doProcess(AbstractAttributeTagProcessor.java:74)

	at org.thymeleaf.processor.element.AbstractElementTagProcessor.process(AbstractElementTagProcessor.java:95)

	at org.thymeleaf.util.ProcessorConfigurationUtils$ElementTagProcessorWrapper.process(ProcessorConfigurationUtils.java:633)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1314)

	at org.thymeleaf.engine.OpenElementTag.beHandled(OpenElementTag.java:205)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.Model.process(Model.java:290)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.processIterationModel(IteratedGatheringModelProcessable.java:367)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.process(IteratedGatheringModelProcessable.java:221)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleCloseElement(ProcessorTemplateHandler.java:1640)

	at org.thymeleaf.engine.CloseElementTag.beHandled(CloseElementTag.java:139)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleStandaloneElement(ProcessorTemplateHandler.java:1204)

	at org.thymeleaf.engine.StandaloneElementTag.beHandled(StandaloneElementTag.java:228)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1587)

	at org.thymeleaf.engine.TemplateHandlerAdapterMarkupHandler.handleOpenElementEnd(TemplateHandlerAdapterMarkupHandler.java:304)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler$InlineMarkupAdapterPreProcessorHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:278)

	at org.thymeleaf.standard.inline.OutputExpressionInlinePreProcessorHandler.handleOpenElementEnd(OutputExpressionInlinePreProcessorHandler.java:186)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:124)

	at org.attoparser.HtmlElement.handleOpenElementEnd(HtmlElement.java:109)

	at org.attoparser.HtmlMarkupHandler.handleOpenElementEnd(HtmlMarkupHandler.java:297)

	at org.attoparser.MarkupEventProcessorHandler.handleOpenElementEnd(MarkupEventProcessorHandler.java:402)

	at org.attoparser.ParsingElementMarkupUtil.parseOpenElement(ParsingElementMarkupUtil.java:159)

	at org.attoparser.MarkupParser.parseBuffer(MarkupParser.java:710)

	at org.attoparser.MarkupParser.parseDocument(MarkupParser.java:301)

	at org.attoparser.MarkupParser.parse(MarkupParser.java:257)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parse(AbstractMarkupTemplateParser.java:230)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parseStandalone(AbstractMarkupTemplateParser.java:100)

	at org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1098)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072)

	at org.thymeleaf.spring4.view.ThymeleafView.renderFragment(ThymeleafView.java:360)

	at org.thymeleaf.spring4.view.ThymeleafView.render(ThymeleafView.java:192)

	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1286)

	at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1041)

	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:984)

	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)

	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)

	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)

	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)

	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at com.joinpay.cb.common.filter.RepeatedlyReadFilter.doFilter(RepeatedlyReadFilter.java:51)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)

	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)

	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)

	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)

	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)

	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)

	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)

	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)

	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)

	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

	at java.lang.Thread.run(Thread.java:748)

原因

3.x版本的thymeleaf为了防止注入攻击,升级了安全机制

解决

修改前

<button th:onclick="'javascript:del(this,\''+${quartzInfo.id}+'\');'" type="button"></button>

修改后

<button th:data-id="${quartzInfo.id}" onclick="del(this,this.getAttribute('data-id'))" type="button"></button>

thymeleaf的onclick标签传参异常的更多相关文章

  1. JS中onclick事件传参

    美术馆案例中,需要将“增加一个img标签,放入大图片”这样一个函数封装,但是在调用的时候需要传参. <script type="text/javascript"> on ...

  2. 枚举|标志枚举+|(或)和&(与)运算|类型转换|值类型和引用类型|传参|异常|垃圾回收

    枚举部分 enum 关键字用于声明枚举,即一种由一组称为枚举数列表的命名常量组成的独特类型. 通常情况下,最好是在命名空间内直接定义枚举,以便该命名空间中的所有类都能够同样方便地访问它. 但是,还可以 ...

  3. thymeleaf模板使用th:onclick进行传参

    错误的写法: th:onclick="'javascript:editUser('+${prod.id}+');'" 正确的写法: th:onclick="'javasc ...

  4. jQuery 事件函数传参异常identifier starts immediately after numeric literal

    问题情境: var arr=[aabbcc,112233]; var html = ""; for(var i =0;i<arr.length;i++){ html += ' ...

  5. js中的onclick事件传参需要注意的问题

    如果参数是数值类型可以直接传,如果是字符串类型需要在字符串前后加上双引号,双引号需要转义 如 onclick="test(0)";  直接传值 参数为数值 onclick=&quo ...

  6. [2019/05/17]解决springboot测试List接口时JSON传参异常

    报错信息,大致如下 c.c.c.c.a.BaseControllerExceptionHandler : 运行时异常: java.lang.IllegalStateException: No prim ...

  7. js onclick事件传参

    传字符串参数 var html = "<a href='#' onclick='onedit(""+ row.name + "")';>编 ...

  8. 关于js中onclick字符串传参问题

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

  9. 关于js中onclick字符串传参问题(html="")

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

随机推荐

  1. supervisor 守护者进程配置小记

    安装 Supervisor 联网状态下,官方推荐首选安装方法是使用easy_install,它是setuptools(Python 包管理工具)的一个功能.所以先执行如下命令安装 setuptools ...

  2. MYSQL 两表 排除 重复记录

    MySQL之——查询重复记录.删除重复记录方法大全 - 冰河的专栏 - CSDN博客https://blog.csdn.net/l1028386804/article/details/51733585 ...

  3. 在QT中使用C/C++, 在linux下生成 .so, 并调用 .so

    时间不早了, 先下班了... 明天再写..

  4. PHP artisan migrate 报错显示 could not find driver ,怎么办?

    记录下自己的错误 一. 1.原因是没有pdo扩展导致的, 2.解决办法:打开php.ini,然后去掉以下两行代码之前的分号(:)即可.如下: extension=php_pdo_firebird.dl ...

  5. 第一章· Redis入门部署及持久化介绍

    Redis简介 Redis安装部署 Redis持久化 Redis简介 软件说明: Redis是一款开源的,ANSI C语言编写的,高级键值(key-value)缓存和支持永久存储NoSQL数据库产品. ...

  6. Codeforces Round #551 (Div. 2) 题解

    CF1153A 直接做啊,分类讨论即可 #include<iostream> #include<string.h> #include<string> #includ ...

  7. centos7下使用LVM给系统硬盘扩容超详细

    简单介绍: LVM是逻辑盘卷管理(Logical Volume Manager)的简称,它是Linux环境下对磁盘分区进行管理的一种机制,LVM是建立在硬盘和分区之上的一个逻辑层,来提高磁盘分区管理的 ...

  8. 洛谷P4155 BZOJP4444 [SCOI2015]国旗计划

    自己做出来的第一道倍增(fake) 原题链接 看到题目,贪心水题!不仅思维难度低,代码也好(难)写,三下五除二就写了出来,过了样例.但是一交,只有40pts.一道紫题能让我快速水40pts,良心出题人 ...

  9. 越光后端开发——ygapi(2.新建Model)

    1.新建Model 1.users数据 1.在apps/users/models.py中: from datetime import datetime from django.db import mo ...

  10. css实现弹出框

    弹出框也是前端里面经常使用的一个应用场景了,最开始想到的是用js实现这个效果,看到codepen上面有用css实现的.其实就是用到了css里面的一个:target选择器+visibility属性. U ...