HttpResponse.Write 方法

定义

将信息写入 HTTP 响应输出流。Writes information to an HTTP response output stream.

重载

Write(Char)

将一个字符写入 HTTP 响应输出流。Writes a character to an HTTP response output stream.

Write(Object)

Object 写入 HTTP 响应流。Writes an Object to an HTTP response stream.

Write(String)

将一个字符串写入 HTTP 响应输出流。Writes a string to an HTTP response output stream.

Write(Char[], Int32, Int32)

将一个字符数组写入 HTTP 响应输出流。Writes an array of characters to an HTTP response output stream.

Write(Char)

将一个字符写入 HTTP 响应输出流。Writes a character to an HTTP response output stream.

public:
 void Write(char ch);
public void Write (char ch);
member this.Write : char -> unit
Public Sub Write (ch As Char)

参数

ch
Char

要写入 HTTP 输出流的字符。The character to write to the HTTP output stream.

示例

下面的示例创建一系列使用 Write 方法写入到 ASP.NET 页的常量。The following example creates a series of constants that are written to an ASP.NET page using the Write method. 此代码将调用此写入方法版本,以将单个字符常量写入页面。The code calls this version of the Write method to write individual character constants to the page.

    <%

        // Create a character array.
    char[] charArray = {'H', 'e', 'l', 'l', 'o', ',', ' ', 
                           'w', 'o', 'r', 'l', 'd'};

        // Write a character array to the client.
        Response.Write(charArray, 0, charArray.Length);

        // Write a single characher.
        Response.Write(';');

        // Write a sub-section of a character array to the client.
        Response.Write(charArray, 0, 5);
// <snippet6>
        // Write an object to the client.
        object obj = (object)13;
        Response.Write(obj);
// </snippet6>

    %>
      <%
         Dim charArray As Char() = {"H"c, "e"c, "l"c, "l"c, "o"c, ","c, " "c, _
                                 "w"c, "o"c, "r"c, "l"c, "d"c}
         ' Write a character array to the client.
         Response.Write(charArray, 0, charArray.Length)

         ' Write a single character.
         Response.Write(";"c)

         ' Write a sub-section of a character array to the client.
         Response.Write(charArray, 0, 5)
' <snippet6>
         ' Write an object to the client.
         Dim obj As Object
         obj = CType(13, Object)
         Response.Write(obj)
' </snippet6>
      %>

Write(Object)

Object 写入 HTTP 响应流。Writes an Object to an HTTP response stream.

public:
 void Write(System::Object ^ obj);
public void Write (object obj);
member this.Write : obj -> unit
Public Sub Write (obj As Object)

参数

obj
Object

要写入 HTTP 输出流的 ObjectThe Object to write to the HTTP output stream.

Write(String)

将一个字符串写入 HTTP 响应输出流。Writes a string to an HTTP response output stream.

public:
 void Write(System::String ^ s);
public void Write (string s);
member this.Write : string -> unit
Public Sub Write (s As String)

参数

s
String

要写入 HTTP 输出流的字符串。The string to write to the HTTP output stream.

示例

下面的示例将客户端的名称回显到客户端的浏览器。The following example echoes the client's name back to the client's browser. 方法去除了可能UserName在输入字段中提交的任何恶意脚本和无效字符。 HtmlEncodeThe HtmlEncode method strips any malicious script and invalid characters that may have been submitted in the UserName input field.

Response.Write("Hello " + Server.HtmlEncode(Request.QueryString["UserName"]) + "<br>");
    
Response.Write("Hello " & Server.HtmlEncode(Request.QueryString("UserName")) & "<br>")

注解

如果从 Web 客户端接收到从客户端接收的输入或将其传输回客户端,则动态生成的 HTML 页面可能会带来安全风险。Dynamically generated HTML pages can introduce security risks if input received from Web clients is not validated either when it is received from a client or when it is transmitted back to a client. 嵌入到输入网站并稍后写回客户端的输入中的恶意脚本可能看似来自受信任的源。Malicious script that is embedded in input submitted to a Web site and later written back out to a client can appear to be originating from a trusted source. 此安全风险称为跨站点脚本攻击。This security risk is referred to as a cross-site scripting attack. 应始终验证从客户端传输到客户端浏览器时从客户端收到的数据。You should always validate data that is received from a client when it will be transmitted from your site to client browsers.

而且,无论何时以 HTML 形式写出作为输入接收的任何数据,都应使用一种技术(如HtmlEncodeUrlEncode )对其进行编码,以防止恶意脚本执行。Moreover, whenever you write out as HTML any data that was received as input, you should encode it using a technique such as HtmlEncode or UrlEncode to prevent malicious script from executing. 此方法适用于接收时未验证的数据。This technique is useful for data that was not validated when it was received.

编码或筛选数据时,必须为网页指定字符集,以便筛选器可以识别并删除任何不属于该集的字节序列(如非字母数字序列),并且可能会在它们.When you encode or filter data, you must specify a character set for your Web pages so that your filter can identify and remove any byte sequences that do not belong to that set (such as nonalphanumeric sequences) and could potentially have malicious script embedded in them.

有关跨站点脚本攻击的详细信息,请参阅Microsoft 知识库网站上的文章 Q252985 "如何阻止跨站点脚本安全问题"。For more information about cross-site scripting attacks, see article Q252985, "How to Prevent Cross-Site Scripting Security Issues" on the Microsoft Knowledge Base Web site.

Write(Char[], Int32, Int32)

将一个字符数组写入 HTTP 响应输出流。Writes an array of characters to an HTTP response output stream.

public:
 void Write(cli::array <char> ^ buffer, int index, int count);
public void Write (char[] buffer, int index, int count);
member this.Write : char[] * int * int -> unit
Public Sub Write (buffer As Char(), index As Integer, count As Integer)

参数

buffer
Char[]

要写入的字符数组。The character array to write.

index
Int32

字符数组中开始进行写入的位置。The position in the character array where writing starts.

count
Int32

index 开始写入的字符数。The number of characters to write, beginning at index.

示例

下面的示例创建一系列使用 Write 方法写入到 ASP.NET 页的常量。The following example creates a series of constants that are written to an ASP.NET page using the Write method. 此代码将调用此写入方法版本,以将单个字符常量写入页面。The code calls this version of the Write method to write individual character constants to the page.

    <%

        // Create a character array.
    char[] charArray = {'H', 'e', 'l', 'l', 'o', ',', ' ', 
                           'w', 'o', 'r', 'l', 'd'};

        // Write a character array to the client.
        Response.Write(charArray, 0, charArray.Length);

        // Write a single characher.
        Response.Write(';');

        // Write a sub-section of a character array to the client.
        Response.Write(charArray, 0, 5);
// <snippet6>
        // Write an object to the client.
        object obj = (object)13;
        Response.Write(obj);
// </snippet6>

    %>
      <%
         Dim charArray As Char() = {"H"c, "e"c, "l"c, "l"c, "o"c, ","c, " "c, _
                                 "w"c, "o"c, "r"c, "l"c, "d"c}
         ' Write a character array to the client.
         Response.Write(charArray, 0, charArray.Length)

         ' Write a single character.
         Response.Write(";"c)

         ' Write a sub-section of a character array to the client.
         Response.Write(charArray, 0, 5)
' <snippet6>
         ' Write an object to the client.
         Dim obj As Object
         obj = CType(13, Object)
         Response.Write(obj)
' </snippet6>
      %>

适用于