HttpResponse.Write 方法

定義

將資訊寫入 HTTP 回應輸出資料流。Writes information to an HTTP response output stream.

多載

Write(Char)

將字元寫入 HTTP 回應輸出資料流。Writes a character to an HTTP response output stream.

Write(Object)

Object 寫入 HTTP 回應資料流。Writes an Object to an HTTP response stream.

Write(String)

將字串寫入 HTTP 回應輸出資料流。Writes a string to an HTTP response output stream.

Write(Char[], Int32, Int32)

將字元的陣列寫入 HTTP 回應輸出資料流。Writes an array of characters to an HTTP response output stream.

Write(Char)

將字元寫入 HTTP 回應輸出資料流。Writes a character to an HTTP response output stream.

public:
 void Write(char ch);
public void Write (char ch);
member this.Write : char -> unit
Public Sub Write (ch As Char)

參數

ch
Char

要傳送至 HTTP 輸出資料流的字元。The character to write to the HTTP output stream.

範例

下列範例會建立一系列使用 Write 方法寫入至 ASP.NET 網頁的常數。The following example creates a series of constants that are written to an ASP.NET page using the Write method. 程式碼會呼叫這個版本的 Write 方法,將個別的字元常數寫入頁面。The code calls this version of the Write method to write individual character constants to the page.

    <%

        // Create a character array.
    char[] charArray = {'H', 'e', 'l', 'l', 'o', ',', ' ', 
                           'w', 'o', 'r', 'l', 'd'};

        // Write a character array to the client.
        Response.Write(charArray, 0, charArray.Length);

        // Write a single characher.
        Response.Write(';');

        // Write a sub-section of a character array to the client.
        Response.Write(charArray, 0, 5);
// <snippet6>
        // Write an object to the client.
        object obj = (object)13;
        Response.Write(obj);
// </snippet6>

    %>
      <%
         Dim charArray As Char() = {"H"c, "e"c, "l"c, "l"c, "o"c, ","c, " "c, _
                                 "w"c, "o"c, "r"c, "l"c, "d"c}
         ' Write a character array to the client.
         Response.Write(charArray, 0, charArray.Length)

         ' Write a single character.
         Response.Write(";"c)

         ' Write a sub-section of a character array to the client.
         Response.Write(charArray, 0, 5)
' <snippet6>
         ' Write an object to the client.
         Dim obj As Object
         obj = CType(13, Object)
         Response.Write(obj)
' </snippet6>
      %>

Write(Object)

Object 寫入 HTTP 回應資料流。Writes an Object to an HTTP response stream.

public:
 void Write(System::Object ^ obj);
public void Write (object obj);
member this.Write : obj -> unit
Public Sub Write (obj As Object)

參數

obj
Object

要寫入 HTTP 輸出資料流的 ObjectThe Object to write to the HTTP output stream.

Write(String)

將字串寫入 HTTP 回應輸出資料流。Writes a string to an HTTP response output stream.

public:
 void Write(System::String ^ s);
public void Write (string s);
member this.Write : string -> unit
Public Sub Write (s As String)

參數

s
String

要寫入 HTTP 輸出資料流的字串。The string to write to the HTTP output stream.

範例

下列範例會將用戶端的名稱回應回用戶端的瀏覽器。The following example echoes the client's name back to the client's browser. 方法會去除UserName輸入欄位中可能已提交的任何惡意腳本和無效字元。 HtmlEncodeThe HtmlEncode method strips any malicious script and invalid characters that may have been submitted in the UserName input field.

Response.Write("Hello " + Server.HtmlEncode(Request.QueryString["UserName"]) + "<br>");
    
Response.Write("Hello " & Server.HtmlEncode(Request.QueryString("UserName")) & "<br>")

備註

動態產生的 HTML 頁面可能會造成安全性風險,如果從 Web 用戶端接收到的輸入是從用戶端收到,或傳送回用戶端,則不會進行驗證。Dynamically generated HTML pages can introduce security risks if input received from Web clients is not validated either when it is received from a client or when it is transmitted back to a client. 內嵌在已提交至網站的輸入中,並于稍後寫回給用戶端的惡意腳本,可能會來自受信任的來源。Malicious script that is embedded in input submitted to a Web site and later written back out to a client can appear to be originating from a trusted source. 此安全性風險稱為跨網站腳本攻擊。This security risk is referred to as a cross-site scripting attack. 當從您的網站傳輸到用戶端瀏覽器時,您應該一律驗證從用戶端收到的資料。You should always validate data that is received from a client when it will be transmitted from your site to client browsers.

此外,每當您寫出做為輸入的任何資料時,您都應該使用HtmlEncodeUrlEncode之類的技術來編碼它,以防止惡意腳本執行。Moreover, whenever you write out as HTML any data that was received as input, you should encode it using a technique such as HtmlEncode or UrlEncode to prevent malicious script from executing. 這項技術適用于收到時未驗證的資料。This technique is useful for data that was not validated when it was received.

當您編碼或篩選資料時,您必須指定網頁的字元集,讓您的篩選可以識別並移除不屬於該集合的任何位元組序列(例如非英數位元的序列),而且可能會有內嵌在中的惡意腳本客戶.When you encode or filter data, you must specify a character set for your Web pages so that your filter can identify and remove any byte sequences that do not belong to that set (such as nonalphanumeric sequences) and could potentially have malicious script embedded in them.

如需跨網站腳本攻擊的詳細資訊,請參閱Microsoft 知識庫網站上的 < 如何防止跨網站腳本安全性問題的文章 Q252985。For more information about cross-site scripting attacks, see article Q252985, "How to Prevent Cross-Site Scripting Security Issues" on the Microsoft Knowledge Base Web site.

Write(Char[], Int32, Int32)

將字元的陣列寫入 HTTP 回應輸出資料流。Writes an array of characters to an HTTP response output stream.

public:
 void Write(cli::array <char> ^ buffer, int index, int count);
public void Write (char[] buffer, int index, int count);
member this.Write : char[] * int * int -> unit
Public Sub Write (buffer As Char(), index As Integer, count As Integer)

參數

buffer
Char[]

要寫入的字元陣列。The character array to write.

index
Int32

開始寫入之字元陣列中的位置。The position in the character array where writing starts.

count
Int32

要寫入的字元數,從 index 開始。The number of characters to write, beginning at index.

範例

下列範例會建立一系列使用 Write 方法寫入至 ASP.NET 網頁的常數。The following example creates a series of constants that are written to an ASP.NET page using the Write method. 程式碼會呼叫這個版本的 Write 方法,將個別的字元常數寫入頁面。The code calls this version of the Write method to write individual character constants to the page.

    <%

        // Create a character array.
    char[] charArray = {'H', 'e', 'l', 'l', 'o', ',', ' ', 
                           'w', 'o', 'r', 'l', 'd'};

        // Write a character array to the client.
        Response.Write(charArray, 0, charArray.Length);

        // Write a single characher.
        Response.Write(';');

        // Write a sub-section of a character array to the client.
        Response.Write(charArray, 0, 5);
// <snippet6>
        // Write an object to the client.
        object obj = (object)13;
        Response.Write(obj);
// </snippet6>

    %>
      <%
         Dim charArray As Char() = {"H"c, "e"c, "l"c, "l"c, "o"c, ","c, " "c, _
                                 "w"c, "o"c, "r"c, "l"c, "d"c}
         ' Write a character array to the client.
         Response.Write(charArray, 0, charArray.Length)

         ' Write a single character.
         Response.Write(";"c)

         ' Write a sub-section of a character array to the client.
         Response.Write(charArray, 0, 5)
' <snippet6>
         ' Write an object to the client.
         Dim obj As Object
         obj = CType(13, Object)
         Response.Write(obj)
' </snippet6>
      %>

適用於