9  

What happens if you use the <pre> tag to display HTML markup on your blog:

如果您使用

标记在博客上显示HTML标记会发生什么:

<pre>Use a <span style="background: yellow;">span tag with style attribute</span> to hightlight words</pre>

This will pass HTML validation, but does it produce the expected result? No. The correct way is:

这将通过HTML验证,但它是否会产生预期的结果?不。正确的方法是:

<pre>Use a &lt;span style=&quot;background: yellow;&quot;&gt;span tag with style attribute&lt;/span&gt; to hightlight words</pre>

Another example: if you use the pre tag to display some other language code, the HTML encoding is still required:

另一个例子:如果使用pre标签显示其他语言代码,仍然需要HTML编码:

<pre>if (i && j) return;</pre>

This might produce the expected result but does it pass HTML validation? No. The correct way is:

这可能会产生预期的结果,但它是否通过HTML验证?不。正确的方法是:

<pre>if (i &amp;&amp; j) return;</pre>

Long story short, HTML-encode the content of a pre tag just the way you do with other tags.

简而言之,对预标签的内容进行HTML编码就像使用其他标签一样。

5  

The "Only For You" - HTML "fosile" version: using <xmp> tag

This is not well known, but it really does exist and even chrome still supports it, however using pair <xmp> tag is NOT recommended to be relied on - it's just for you, but its a very simple way how to do your personal e.g. DOCS. even w3.org WIKI says in example "No, really. don't use it."

这不是众所周知的,但它确实存在,甚至chrome仍然支持它,但是不建议使用pair

You can put ANY html (excluding </xmp> end tag) inside <xmp></xmp>

您可以在

<xmp>
<html> <br> just any other html tags...
</xmp>

The proper version

Proper version could be considered a HTML stored as STRING and displayed with the help of some escaping function.
Just remember one thing - the strings in C-like languages are ususally written between single quotes or double quotes - if you wrap your string in double => you should escape doubles (problably with \), if you wrap your string in single => escape singles (probably with \)...

正确的版本可以被视为存储为STRING的HTML,并在某些转义函数的帮助下显示。只记得一件事 - 类C语言中的字符串通常用单引号或双引号编写 - 如果你将字符串换成double =>你应该转义双精度数(可以用\来),如果你将你的字符串换成单个=>逃脱单打(可能带着\)......

The most common way - Server-side language escaping (ex. in PHP)

Server-side scripting languages often have some built-in function to escape HTML.

服务器端脚本语言通常具有一些内置函数来转义HTML。

<?php
   $html = "<html> <br> or just any other HTML"; //store html
   echo htmlspecialchars($html); //display escaped html
?>

The client-side way (example in JavaScript&jQuery)

Similar approach as on server-side is achievable in client-side scripts, JavaScript, from what I know, has no built-in function for that (it's quite logical), but if you use some framework/library, like jQuery - there are functions that can be used that way.
Just remember the same thing as for server-side - in C-like languages, escape the quotes you've wrapped your string in...

在客户端脚本中可以实现与服务器端类似的方法,JavaScript,据我所知,没有内置函数(这是非常合乎逻辑的),但是如果你使用一些框架/库,比如jQuery,那么可以这种方式使用的函数。只要记住与服务器端相同的东西 - 在类C语言中,转义你已经将你的字符串包裹起来的引号......

var html = '<html> <br> or just any other HTML';
var $elementToInsertEscapedHTMLto = jQuery("XXX"); //XXX is selector, e.g. CSS selector
$elementToInsertEscapedHTMLto.text( html ); 

-1  

For posting code within your markup, I suggest using the <code> tag. It works the same way as pre but would be considered semantically correct.

为了在您的标记中发布代码,我建议使用标记。它的工作方式与pre相同,但在语义上是正确的。

Otherwise, <code> and <pre> only need the angle brackets encoded.

否则,和

只需要编码的尖括号。

-3  

Use this and don't worry about any of them.

使用它,不要担心它们中的任何一个。

<pre>
${fn:escapeXml('
  <!-- all your code -->
')};
</pre>

You'll need to have jQuery enabled for it to work.

你需要启用jQuery才能工作。

-4  

< and > are the only characters that must be escaped. All others are allowed.

<和> 是必须转义的唯一字符。所有其他人都被允许。

-5  

Using the pre tag you don't have to escape anything.

使用预标签,您不必逃避任何事情。