Html注释和JSP注释

一、HTML注释

  <!--注释内容-->

二、JSP注释
  <%--注释内容--%>
三、HTML注释和JSP注释的区别:
  3.1 HTML注释会被JSP翻译引擎翻译到Servlet的out.write()中,而JSP注释则会被JSP翻译引擎忽略,在Servlet中是看不到的。
  3.2 在客户端浏览器查看源码时,HTML注释是可以查看到的,但JSP注释在客户端是查看不到的。

四、示例 

  4.1 jsp源码 

 1 <%@ page language="java" contentType="text/html; charset=UTF-8"
 2     pageEncoding="UTF-8"%>
 3 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 4 <html>
 5 <head>
 6 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
 7 <title>first_jsp</title>
 8 </head>
 9 <body>
10 <!-- HTML注释 -->
11 <%--JSP注释 --%>
12 My First jsp!
13 </body>
14 </html>

4.2 经Tomcat遵循JSP规范将该JSP页面翻译的.java源文件如下:

  1 /*
  2  * Generated by the Jasper component of Apache Tomcat
  3  * Version: Apache Tomcat/7.0.85
  4  * Generated at: 2019-01-22 17:21:18 UTC
  5  * Note: The last modified time of this file was set to
  6  *       the last modified time of the source file after
  7  *       generation to assist with modification tracking.
  8  */
  9 package org.apache.jsp;
 10 
 11 import javax.servlet.*;
 12 import javax.servlet.http.*;
 13 import javax.servlet.jsp.*;
 14 
 15 public final class index_jsp extends org.apache.jasper.runtime.HttpJspBase
 16     implements org.apache.jasper.runtime.JspSourceDependent {
 17 
 18   private static final javax.servlet.jsp.JspFactory _jspxFactory =
 19           javax.servlet.jsp.JspFactory.getDefaultFactory();
 20 
 21   private static java.util.Map<java.lang.String,java.lang.Long> _jspx_dependants;
 22 
 23   private volatile javax.el.ExpressionFactory _el_expressionfactory;
 24   private volatile org.apache.tomcat.InstanceManager _jsp_instancemanager;
 25 
 26   public java.util.Map<java.lang.String,java.lang.Long> getDependants() {
 27     return _jspx_dependants;
 28   }
 29 
 30   public javax.el.ExpressionFactory _jsp_getExpressionFactory() {
 31     if (_el_expressionfactory == null) {
 32       synchronized (this) {
 33         if (_el_expressionfactory == null) {
 34           _el_expressionfactory = _jspxFactory.getJspApplicationContext(getServletConfig().getServletContext()).getExpressionFactory();
 35         }
 36       }
 37     }
 38     return _el_expressionfactory;
 39   }
 40 
 41   public org.apache.tomcat.InstanceManager _jsp_getInstanceManager() {
 42     if (_jsp_instancemanager == null) {
 43       synchronized (this) {
 44         if (_jsp_instancemanager == null) {
 45           _jsp_instancemanager = org.apache.jasper.runtime.InstanceManagerFactory.getInstanceManager(getServletConfig());
 46         }
 47       }
 48     }
 49     return _jsp_instancemanager;
 50   }
 51 
 52   public void _jspInit() {
 53   }
 54 
 55   public void _jspDestroy() {
 56   }
 57 
 58   public void _jspService(final javax.servlet.http.HttpServletRequest request, final javax.servlet.http.HttpServletResponse response)
 59         throws java.io.IOException, javax.servlet.ServletException {
 60 
 61     final javax.servlet.jsp.PageContext pageContext;
 62     javax.servlet.http.HttpSession session = null;
 63     final javax.servlet.ServletContext application;
 64     final javax.servlet.ServletConfig config;
 65     javax.servlet.jsp.JspWriter out = null;
 66     final java.lang.Object page = this;
 67     javax.servlet.jsp.JspWriter _jspx_out = null;
 68     javax.servlet.jsp.PageContext _jspx_page_context = null;
 69 
 70 
 71     try {
 72       response.setContentType("text/html; charset=UTF-8");
 73       pageContext = _jspxFactory.getPageContext(this, request, response,
 74                   null, true, 8192, true);
 75       _jspx_page_context = pageContext;
 76       application = pageContext.getServletContext();
 77       config = pageContext.getServletConfig();
 78       session = pageContext.getSession();
 79       out = pageContext.getOut();
 80       _jspx_out = out;
 81 
 82       out.write("\r\n");
 83       out.write("<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\r\n");
 84       out.write("<html>\r\n");
 85       out.write("<head>\r\n");
 86       out.write("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\r\n");
 87       out.write("<title>first_jsp</title>\r\n");
 88       out.write("</head>\r\n");
 89       out.write("<body>\r\n");
 90       out.write("<!-- HTML注释 -->\r\n");
 91       out.write("\r\n");
 92       out.write("My First jsp!\r\n");
 93       out.write("</body>\r\n");
 94       out.write("</html>");
 95     } catch (java.lang.Throwable t) {
 96       if (!(t instanceof javax.servlet.jsp.SkipPageException)){
 97         out = _jspx_out;
 98         if (out != null && out.getBufferSize() != 0)
 99           try {
100             if (response.isCommitted()) {
101               out.flush();
102             } else {
103               out.clearBuffer();
104             }
105           } catch (java.io.IOException e) {}
106         if (_jspx_page_context != null) _jspx_page_context.handlePageException(t);
107         else throw new ServletException(t);
108       }
109     } finally {
110       _jspxFactory.releasePageContext(_jspx_page_context);
111     }
112   }
113 }

 

我们可以看到只有HTML注释被out.write()到客户端了。所以我们到客户端浏览器查看源码,其截图如下:

 

 

经过上面我们总结出,如果注释内容相对的安全保密则我们用JSP注释,否则的话用HTML注释。但一般遵循安不安全都使用JSP注释为最佳原则。服务端源码能看到就行,不让你客户端看到本程序代码的注释内容。 

 

posted @ 2021-12-16 10:42  塞纳纽斯  阅读(206)  评论(0)    收藏  举报