转自https://my.oschina.net/u/2312080/blog/2878183

异常

严重: Servlet.service() for servlet [DispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateInputException: An error happened during template parsing (template: "ServletContext resource [/WEB-INF/templates//merchant/detail.html]")] with root cause

org.thymeleaf.exceptions.TemplateProcessingException: Only variable expressions returning numbers or booleans are allowed in this context, any other datatypes are not trusted in the context of this expression, including Strings or any other object that could be rendered as a text literal. A typical case is HTML attributes for event handlers (e.g. "onload"), in which textual data from variables should better be output to "data-*" attributes and then read from the event handler. (template: "/merchant/detail" - line 188, col 41)

	at org.thymeleaf.standard.expression.VariableExpression.executeVariableExpression(VariableExpression.java:181)

	at org.thymeleaf.standard.expression.SimpleExpression.executeSimple(SimpleExpression.java:66)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:109)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:96)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.AdditionExpression.executeAddition(AdditionExpression.java:89)

	at org.thymeleaf.standard.expression.ComplexExpression.executeComplex(ComplexExpression.java:62)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:112)

	at org.thymeleaf.standard.expression.Expression.execute(Expression.java:138)

	at org.thymeleaf.standard.processor.StandardDOMEventAttributeTagProcessor.doProcess(StandardDOMEventAttributeTagProcessor.java:214)

	at org.thymeleaf.processor.element.AbstractAttributeTagProcessor.doProcess(AbstractAttributeTagProcessor.java:74)

	at org.thymeleaf.processor.element.AbstractElementTagProcessor.process(AbstractElementTagProcessor.java:95)

	at org.thymeleaf.util.ProcessorConfigurationUtils$ElementTagProcessorWrapper.process(ProcessorConfigurationUtils.java:633)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1314)

	at org.thymeleaf.engine.OpenElementTag.beHandled(OpenElementTag.java:205)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.Model.process(Model.java:290)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.processIterationModel(IteratedGatheringModelProcessable.java:367)

	at org.thymeleaf.engine.IteratedGatheringModelProcessable.process(IteratedGatheringModelProcessable.java:221)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleCloseElement(ProcessorTemplateHandler.java:1640)

	at org.thymeleaf.engine.CloseElementTag.beHandled(CloseElementTag.java:139)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleStandaloneElement(ProcessorTemplateHandler.java:1204)

	at org.thymeleaf.engine.StandaloneElementTag.beHandled(StandaloneElementTag.java:228)

	at org.thymeleaf.engine.Model.process(Model.java:282)

	at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1587)

	at org.thymeleaf.engine.TemplateHandlerAdapterMarkupHandler.handleOpenElementEnd(TemplateHandlerAdapterMarkupHandler.java:304)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler$InlineMarkupAdapterPreProcessorHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:278)

	at org.thymeleaf.standard.inline.OutputExpressionInlinePreProcessorHandler.handleOpenElementEnd(OutputExpressionInlinePreProcessorHandler.java:186)

	at org.thymeleaf.templateparser.markup.InlinedOutputExpressionMarkupHandler.handleOpenElementEnd(InlinedOutputExpressionMarkupHandler.java:124)

	at org.attoparser.HtmlElement.handleOpenElementEnd(HtmlElement.java:109)

	at org.attoparser.HtmlMarkupHandler.handleOpenElementEnd(HtmlMarkupHandler.java:297)

	at org.attoparser.MarkupEventProcessorHandler.handleOpenElementEnd(MarkupEventProcessorHandler.java:402)

	at org.attoparser.ParsingElementMarkupUtil.parseOpenElement(ParsingElementMarkupUtil.java:159)

	at org.attoparser.MarkupParser.parseBuffer(MarkupParser.java:710)

	at org.attoparser.MarkupParser.parseDocument(MarkupParser.java:301)

	at org.attoparser.MarkupParser.parse(MarkupParser.java:257)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parse(AbstractMarkupTemplateParser.java:230)

	at org.thymeleaf.templateparser.markup.AbstractMarkupTemplateParser.parseStandalone(AbstractMarkupTemplateParser.java:100)

	at org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:666)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1098)

	at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072)

	at org.thymeleaf.spring4.view.ThymeleafView.renderFragment(ThymeleafView.java:360)

	at org.thymeleaf.spring4.view.ThymeleafView.render(ThymeleafView.java:192)

	at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1286)

	at org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1041)

	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:984)

	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)

	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)

	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:622)

	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)

	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)

	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)

	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)

	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)

	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)

	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at com.joinpay.cb.common.filter.RepeatedlyReadFilter.doFilter(RepeatedlyReadFilter.java:51)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)

	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)

	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)

	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)

	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)

	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:94)

	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:496)

	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)

	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)

	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:620)

	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)

	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:502)

	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1132)

	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1539)

	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1495)

	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

	at java.lang.Thread.run(Thread.java:748)

原因

3.x版本的thymeleaf为了防止注入攻击,升级了安全机制

解决

修改前

<button th:onclick="'javascript:del(this,\''+${quartzInfo.id}+'\');'" type="button"></button>

修改后

<button th:data-id="${quartzInfo.id}" onclick="del(this,this.getAttribute('data-id'))" type="button"></button>

thymeleaf的onclick标签传参异常的更多相关文章

  1. JS中onclick事件传参

    美术馆案例中,需要将“增加一个img标签,放入大图片”这样一个函数封装,但是在调用的时候需要传参. <script type="text/javascript"> on ...

  2. 枚举|标志枚举+|(或)和&(与)运算|类型转换|值类型和引用类型|传参|异常|垃圾回收

    枚举部分 enum 关键字用于声明枚举,即一种由一组称为枚举数列表的命名常量组成的独特类型. 通常情况下,最好是在命名空间内直接定义枚举,以便该命名空间中的所有类都能够同样方便地访问它. 但是,还可以 ...

  3. thymeleaf模板使用th:onclick进行传参

    错误的写法: th:onclick="'javascript:editUser('+${prod.id}+');'" 正确的写法: th:onclick="'javasc ...

  4. jQuery 事件函数传参异常identifier starts immediately after numeric literal

    问题情境: var arr=[aabbcc,112233]; var html = ""; for(var i =0;i<arr.length;i++){ html += ' ...

  5. js中的onclick事件传参需要注意的问题

    如果参数是数值类型可以直接传,如果是字符串类型需要在字符串前后加上双引号,双引号需要转义 如 onclick="test(0)";  直接传值 参数为数值 onclick=&quo ...

  6. [2019/05/17]解决springboot测试List接口时JSON传参异常

    报错信息,大致如下 c.c.c.c.a.BaseControllerExceptionHandler : 运行时异常: java.lang.IllegalStateException: No prim ...

  7. js onclick事件传参

    传字符串参数 var html = "<a href='#' onclick='onedit(""+ row.name + "")';>编 ...

  8. 关于js中onclick字符串传参问题

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

  9. 关于js中onclick字符串传参问题(html="")

    规则: 外变是“”,里面就是‘’外边是‘’,里边就是“”   示例: var a="111"; var html="<a onclick='selecthoods( ...

随机推荐

  1. 对List集合嵌套了map集合对double值进行排序

    /*[ { "repairo": "asda", "num": 88.71 }, { "repairo": " ...

  2. Django生命周期 URL ----> CBV 源码解析-------------- 及rest_framework APIView 源码流程解析

    一.一个请求来到Django 的生命周期   FBV 不讨论 CBV: 请求被代理转发到uwsgi: 开始Django的流程: 首先经过中间件process_request (session等) 然后 ...

  3. 虚拟机系统安装Messenger和Server

    YCD对支持虚拟机运行Messenger和Server, 不论用哪种虚拟机安装, 请保证: 确认DirectX和Direct 3D组件已经开启 为虚拟机分配显卡计算资源 如果不满足以上条件, 虚拟机上 ...

  4. 爬zol村壁纸篇

    # -*- coding: utf-8 -*- # @Author : Jackzz import requests,os from pyquery import PyQuery as pq def ...

  5. Mybatis映射文件的自动映射与手动映射问题

    Mapper XML 文件 MyBatis 的真正强大在于它的映射语句,也是它的魔力所在.由于它的异常强大,映射器的 XML 文件就显得相对简单.如果拿它跟具有相同功能的 JDBC 代码进行对比,你会 ...

  6. C# 数组、HashSet等内存耗尽的解决办法

    在C#中,如果数据量太大,就会出现 'System.OutOfMemoryException' 异常. 解决办法来自于Stack Overflow和MSDN    https://docs.micro ...

  7. [模板] 笛卡尔树 && RMQ

    话说我noip之前为什么要学这种东西... 简介 笛卡尔树(Cartesian Tree) 是一种二叉树, 且同时具有以下两种性质: 父亲节点的值大于/小于子节点的值; 中序遍历的结果为原序列. 笛卡 ...

  8. POJ1509 Glass Beads 【后缀自动机】

    题目分析: 模板练手.看最长能走多远. 代码: #include<iostream> #include<cstdio> #include<cstdlib> #inc ...

  9. Codeforces #381(div2)

    A.题目:http://codeforces.com/contest/740/problem/A 题意:现有n本书,买一本书需要花a元,两本书b元,三本书c元,问买够书是4的倍数所需要的最小花费 思路 ...

  10. 【并发编程】MESI--CPU缓存一致性协议

    原文:多线程之:MESI-CPU缓存一致性协议 概念 MESI(Modified Exclusive Shared Or Invalid)(也称为伊利诺斯协议,是因为该协议由伊利诺斯州立大学提出)是一 ...