问题的简短版本。在某些情况下,我不希望在字符串 JSon 值上加上引号:
颜色 =Highcharts.getOptions((.colors[0]
取而代之的是:
颜色 = "Highcharts.getOptions((.colors[0]">
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
长细节....我有工作代码,它是我制作的控制器模型(作为概念证明(,为客户端上的 HighCharts.com 图生成所有 Json。
1
客户端代码(工作(
@{
ViewBag.Title = "View";
}
<h2>High Charts Proof of Concept</h2>
<div id="container" style="min-width: 310px; height: 400px; margin: 0 auto"></div>
@section Scripts {
<script type="text/javascript">
$(function() {
fetchSampleChart1();
function fetchSampleChart1() {
$.ajax({
url: '/Test1/SampleChart1/',
type: 'GET',
//data: '?',
//data: 'adminEntityID=' + adminEntity + '&fieldName=' + fieldName + '&fieldValue=' + fieldValue + '&outletID=' + outlet,
complete: function (data, textStatus, xhr) {
console.log(data.responseText);
var strGraphData = $.parseJSON(data.responseText);
if (strGraphData.length == 0) {
//GraphEmptyDisplay(parmChartId, msg);
console.log("!!!!GRAPH DATA EMPTY!!!!");
return '';
}
$("#container").highcharts(strGraphData);
},
error:function(xhr, textStatus, errorThrown) {
//Inject a default error message to the modal target.
}
});
}
});
</script>
<script type="text/javascript" src="/scripts/jquery-1.10.2.min.js"></script>
<script type="text/javascript" src="https://code.highcharts.com/highcharts.js"></script>
<script type="text/javascript" src="https://code.highcharts.com/modules/exporting.js"></script>
}
阿拉伯数字
它调用的控制器操作。除了它在我只想在大部分输出上发出引号之外,它在所有输出上发出引号之外有效。
[HttpGet]
public ContentResult SampleChart1()
{
var sc = new HighChartGraph
{
Title = new Title() {Text = "Combination Chart"},
XAxis = new XAxis() {Categories = new string[] {"Apples", "Oranges", "Pears", "Banannas", "Plums"}},
Center = "[100,80]",
Size = 100,
ShowInLegend = false,
DataLabels = new dataLabels {Enabled = false},
Labels = new Labels
{
Items = new Items
{
Html = "Total Fruit consumption",
Style =
new Style()
{
Left = "50px",
Top = "18px",
//Color = "(Highcharts.theme && Highcharts.theme.textColor) || 'black'"
Color="yellow"
}
}
},
Series = new List<GraphSeries>
{
new GraphSeries
{
GraphType = "column",
Name = "Jane",
DataSimple = new decimal[] {3, 2, 1, 3, 4}
},
new GraphSeries
{
GraphType = "column",
Name = "John",
DataSimple = new decimal[] {2, 3, 5, 7, 6}
},
new GraphSeries
{
GraphType = "column",
Name = "Joe",
DataSimple = new decimal[] {4, 3, 3, 9, 0}
},
new GraphSeries
{
GraphType = "spline",
Name = "Average",
DataSimple = new decimal[] {3, 2.67m, 3, 6.33m, 3.33m},
Marker =
new marker
{
LineWidth = 2,
LineColor = "Highcharts.getOptions().colors[3]",
//LineColor="Black",
FillColor = "white"
}
},
new GraphSeries
{
GraphType = "pie",
Name = "Total Consumption",
DataExtended = new List<Data>
{
new Data {Name = "Jane", Y = 13, Color = "Highcharts.getOptions().colors[0]"},
//new data {Name = "Jane", Y = 13, Color = "Red"},
new Data {Name = "John", Y = 23, Color = "Highcharts.getOptions().colors[1]"},
//new data {Name = "John", Y = 23, Color = "Black"},
new Data {Name = "Joe", Y = 19, Color = "Highcharts.getOptions().colors[2]"}
//new data {Name = "Joe", Y = 19, Color = "Blue"},
}
}
}
};
//var j=new JavaScriptSerializer().Serialize(sc); // .NET Serialization will not use [JsonProperty()] attributes
var j = JsonConvert.SerializeObject(sc); // Newtonsoft Serialization WILL USE [JsonProperty()] attributes
//return Json(sc,JsonRequestBehavior.AllowGet); // cannot use it will not use our NewtonSoft serialization
return Content(j, "application/json");
}
3 模型 它调用以获取 JSon:
public class HighChartGraph
{
[JsonProperty(PropertyName = "title")]
public Title Title;
[JsonProperty(PropertyName = "xAxis")]
public XAxis XAxis;
[JsonProperty(PropertyName = "labels")]
public Labels Labels;
[JsonProperty(PropertyName = "center")]
public string Center;
[JsonProperty(PropertyName = "size")]
public int Size;
[JsonProperty(PropertyName = "showInLegend")]
public bool ShowInLegend;
[JsonProperty(PropertyName = "dataLabels")]
public dataLabels DataLabels;
[JsonProperty(PropertyName = "series")]
public List<GraphSeries> Series;
}
public class Title
{
[JsonProperty(PropertyName = "text")]
public string Text;
}
public class XAxis
{
[JsonProperty(PropertyName = "categories")]
public string[] Categories;
}
public class Labels
{
[JsonProperty(PropertyName = "items")]
public Items Items;
}
public class Items
{
[JsonProperty(PropertyName = "html")]
public string Html;
[JsonProperty(PropertyName = "style")]
public Style Style;
}
public class Style
{
[JsonProperty(PropertyName = "left")]
public string Left;
[JsonProperty(PropertyName = "top")]
public string Top;
[JsonProperty(PropertyName = "color")]
public string Color;
}
public class GraphSeries
{
private string _GraphType;
[JsonProperty(PropertyName = "type")]
public string GraphType
{
get { return _GraphType; }
set { _GraphType = value; }
}
[JsonProperty(PropertyName = "name")]
public string Name;
[JsonProperty(PropertyName = "marker")]
public marker Marker;
[JsonProperty(PropertyName = "data")]
public object Data
{
get
{
if (DataSimple != null) return DataSimple;
if(DataExtended !=null) return DataExtended;
return null;
}
}
[NonSerialized][ScriptIgnore]
public decimal[] DataSimple = null;
[NonSerialized][ScriptIgnore]
public List<Data> DataExtended = null;
}
public class Data
{
[JsonProperty(PropertyName = "name")]
public string Name;
[JsonProperty(PropertyName = "y")]
public long Y;
[JsonProperty(PropertyName = "color")]
public string Color;
}
public class dataLabels
{
[JsonProperty(PropertyName = "enabled")]
public bool Enabled;
}
public class marker
{
[JsonProperty(PropertyName = "linewidth")]
public int LineWidth;
[JsonProperty(PropertyName = "linecolor")]
public string LineColor;
[JsonProperty(PropertyName = "fillcolor")]
public string FillColor;
}
4 作为参考,这里是我创建模型和示例代码的HighCharts图表:
http://jsfiddle.net/gh/get/jquery/1.9.1/highslide-software/highcharts.com/tree/master/samples/highcharts/demo/combo/
HighCharts没有使用JSON,而是一个实际的javascript对象。这就是为什么他们能够在其中包含可执行的内容。出于安全原因,JSON 非常具体地不可执行,仅数据。
这里有几个选项:
- 使用 JSON 作为交换格式,但有一个客户端函数,该函数通过 JSON 旋转,注意它是否包含允许的可执行函数,eval(( 的它,并将值覆盖回属性中。
- 编写自己的JSONish生成器,该生成器反映在对象树上,并构建出可执行的javascript对象与JSON 的对比
- 挂钩到 JSON.NET 并创建一个不带引号的可执行字符串类型。看起来你可以制作一个JsonConverter来做到这一点,就像:https://stackoverflow.com/a/21766191/8037。喜欢那个 JsonConverter,除了调用编写器。WriteRaw 或 writer。WriteRawValue 来写出 js。
我不必提及,通过这样做,您最终会绕过许多安全功能。评估从外部源接收的任何代码都可能很危险。也就是说,如果该功能是概念证明,并且如果它只是联系您控制的服务器并且无法以不同的方式注入,那么您应该非常安全。
我只是简单地更新public class Data,这样你就有了某种枚举,而不是为Color和LineColor属性放置字符串:
new Data {Name = "Joe", Y = 19, Color = HighchartsCcolor2 }
然后在客户端上,循环遍历data.responseText并打开 .Color 属性。在那里,您将根据枚举值使用所需的值。
这将允许您返回有效的 JSON 并在客户端上根据需要处理它。