How to disable scripting elements in JSP pages?

With the introduction of Expression Language (EL) in JSP 2.0, it is recommended to use EL instead of scripting elements (scriptlets). That means that when we want to access server-side objects, it is better to use EL than to write Java code in the JSP pages.

For this purpose, JSP 2.0 gives us a way to disable scripting elements: define a scripting-invalid element within the <jsp-property-group> in the deployment descriptor (web.xml) file.

Here is the JSP configuration that you need to add in the web.xml file:

<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
         version="4.0">
    <display-name>JSP Examples</display-name>

    <jsp-config>
        <jsp-property-group>
            <url-pattern>*.jsp</url-pattern>
            <scripting-invalid>true</scripting-invalid>
        </jsp-property-group>
    </jsp-config>
</web-app>

When you request a JSP page that contains scripting elements, you will get an error message like this:

HTTP Status 500 - /sessionWriteRead.jsp (line: 10, column: 2) Scripting elements ( <%!, <jsp:declaration, <%=, <jsp:expression, <%, <jsp:scriptlet ) are disallowed here.
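A page that still renders with scripting-invalid set to true, as an added example that is not part of the original article: it produces a date, the session id and a sum with EL and JSTL instead of scripting elements. It assumes the JSTL 1.2 library is available to the web application; the file name and the name request parameter are hypothetical.

```jsp
<%-- el-date.jsp (hypothetical file name): no scriptlets, expressions or declarations --%>
<%@ page contentType="text/html;charset=UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>EL and JSTL instead of scripting elements</title>
</head>
<body>
<%-- A standard action replaces "Date date = new Date();" in a scriptlet --%>
<jsp:useBean id="now" class="java.util.Date"/>

<%-- fmt:formatDate replaces SimpleDateFormat --%>
Today is: <fmt:formatDate value="${now}" pattern="EEE, dd/MM/yyyy"/><br/>

<%-- EL reaches the session through the pageContext implicit object --%>
Session Id: <c:out value="${pageContext.session.id}"/><br/>

<%-- EL arithmetic replaces a declared add() method --%>
20 + 10 = ${20 + 10}<br/>

<%-- c:out HTML-escapes its value, so the (hypothetical) "name" request
     parameter is rendered as text rather than as markup --%>
Hello, <c:out value="${param.name}" default="guest"/>
</body>
</html>
```

Directives (<%@ ... %>), JSP comments and standard actions such as <jsp:useBean> are not scripting elements, so the setting does not reject them.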

How do I add comments in JSP pages?

In this example you'll see how to add comments in a JSP page / JSP scriptlets. To add comments we can use either the JSP comment style or the HTML comment style. The difference between them is that an HTML comment is sent to the browser as part of the web page, while a JSP comment is not included in the web page.

A JSP comment starts with <%-- and ends with --%>. An HTML comment starts with <!-- and ends with -->. Besides these two comment styles, you can still use the Java comment styles inside JSP scriptlets.

<%@ page import="java.util.Date" %>
<%@ page import="java.text.SimpleDateFormat" %>
<%@ page contentType="text/html;charset=UTF-8" %>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Commenting JSP Page</title>
</head>
<body>

<%--The JSP snippet below is used to print the current date--%>
<%
Date date = new Date();
SimpleDateFormat formatter = new SimpleDateFormat("EEE, dd/MM/yyyy");
%>

<%= "Today is: " + formatter.format(date) %>
</body>
</html>
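The three comment styles side by side, as an added example that is not part of the original article. The comments note which text reaches the browser, including the case of a scripting element placed inside an HTML comment.

```jsp
<%@ page contentType="text/html;charset=UTF-8" %>
<%@ page import="java.util.Date" %>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Comment styles</title>
</head>
<body>
<%-- JSP comment: dropped when the page is translated, never sent to the browser --%>

<!-- HTML comment: sent to the browser and visible in "View source" -->

<%
    // Java line comment: stays in the generated servlet source, not sent
    /* Java block comment: stays in the generated servlet source, not sent */
    Date date = new Date();
%>

<%-- An HTML comment is ordinary template text to the container, so a
     scripting element inside it is still evaluated and its value is sent: --%>
<!-- generated at <%= date %> -->

<%-- Inside a JSP comment the same expression is not evaluated at all: --%>
<%-- generated at <%= date %> --%>
</body>
</html>
```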

What are the scripting elements in a JSP page?

There are three types of scripting elements available when writing a JSP page. These scripting elements are:

  • Scriptlets, which are blocks of Java code.
  • Expressions, which are evaluated and whose result is printed out.
  • Declarations, which can be used to declare variables or methods.

Scriptlets

A scriptlet is a block of Java code that begins with <% and ends with %>. We can have multiple scriptlet blocks inside a JSP page. The following example shows how to write scriptlets:

<%@ page import="java.text.DateFormat" %>
<%@ page import="java.text.SimpleDateFormat" %>
<%@ page import="java.util.Date" %>
<%@ page import="java.util.Calendar" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE html>
<html>
<head>
    <title>JSP - Scripting Scriptlets</title>
</head>
<body>
<%
    DateFormat formatter = new SimpleDateFormat("EEE, dd/MM/yyyy HH:mm:ss");
    out.print(formatter.format(new Date()));
%>
<br/>
<%
    Calendar calendar = Calendar.getInstance();
    out.print(formatter.format(calendar.getTime()));
%>
</body>
</html>

In the scriptlets above, the formatter object declared in the first scriptlet is used in the second scriptlet. Any objects or variables declared in the first scriptlet are available in the second scriptlet.

Expression

To create an expression in JSP we use <%= and close it with %>. The expression in this kind of block is evaluated and its value is printed as part of the JSP page output. We can say that the expression block is a shortcut for the out.print() method in a JSP page. Notice also that an expression doesn't end with a semicolon.

Here is an example of expressions in a JSP page:

<%@ page import="java.util.Date" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE html>
<html>
<head>
    <title>JSP - Scripting Expressions</title>
</head>
<body>
Today is: <%= new Date() %><br/>
Session Id: <%= session.getId() %><br/>

<%--The expressions above are equivalent to the following scriptlets--%>

Today is: <% out.print(new Date()); %><br/>
Session Id: <% out.print(session.getId()); %>
</body>
</html>

Declarations

The last scripting element is the declaration. A declaration starts with <%! and ends with %>. We can use this block to declare variables and methods that can be used in a JSP page. Let's see an example below:

<%@ page import="java.util.Date" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE html>
<%!
    public int add(int number1, int number2) {
        return number1 + number2;
    }

    public Date getDate() {
        return new Date();
    }
%>
<html>
<head>
    <title>JSP Declarations</title>
</head>
<body>
Today is: <%= getDate() %><br/>
20 + 10 = <%= add(20, 10) %>
</body>
</html>

How do I forward to other page using <jsp:forward>?

The <jsp:forward/> tag forwards the user's request to another page. For example, a user requests page1.jsp, and in this page the server finds <jsp:forward page="page2.jsp"/>. The server immediately stops processing page1.jsp and jumps to page2.jsp.

Let's see an example of using the <jsp:forward/> tag.

page1.jsp

<%@ page contentType="text/html;charset=UTF-8" %>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Page 1</title>
</head>
<body>
<strong>This is page 1</strong>

<jsp:forward page="page2.jsp"/>
</body>
</html>

page2.jsp

<%@ page contentType="text/html;charset=UTF-8" %>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>Page 2</title>
</head>
<body>
<strong>This is page 2</strong>
</body>
</html>

When you run the example above by accessing the URL http://localhost:8080/forward/page1.jsp you will see the content of page2.jsp instead of page1.jsp. This happens because, on the server side, page1.jsp forwards your request to page2.jsp. But if you look at the address bar of your browser, it still points to page1.jsp.

Here is the directory structure of our example:

.
├─ pom.xml
└─ src
   └─ main
      └─ webapp
         └─ forward
            ├─ page1.jsp
            └─ page2.jsp

Maven Dependencies

<dependency>
  <groupId>javax.servlet</groupId>
  <artifactId>jstl</artifactId>
  <version>1.2</version>
</dependency>


How do I include other pages using <jsp:include>?

The <jsp:include/> tag is used to include a JSP page fragment in another page. This is useful when you have a common fragment such as a header, footer or menu that applies to many or all of your pages.

<%@ page contentType="text/html;charset=UTF-8" %>
<!DOCTYPE html>
<html lang="en">
<head>
    <title>&lt;jsp:include/&gt; Demo</title>
</head>
<body>
<div id="header">
    <jsp:include page="include/common/header.jsp"/>
</div>

<div id="main">
    Lorem ipsum dolor sit amet, consectetur adipisicing elit,
    sed do eiusmod tempor incididunt ut labore et dolore magna
    aliqua.
</div>

<div id="footer">
    <jsp:include page="include/common/footer.jsp"/>
</div>
</body>
</html>

Here are the page fragments header.jsp, footer.jsp and menu.jsp. All of them are placed in the include/common folder, which is in the same location as the index.jsp file.

header.jsp

<strong>&lt;jsp:include/&gt; Demo</strong>
<hr/>
<jsp:include page="menu.jsp"/>

footer.jsp

<hr/>
© 2021 Kode Java Org

menu.jsp

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<a href="<c:url value="/index.jsp"/>">HOME</a>

When you access the page (http://localhost:8080/jsp-include-tag.jsp) through a servlet container such as Apache Tomcat, you'll see a complete page that contains the header, menu, content and footer.

Here is the directory structure of our example:

.
├─ pom.xml
└─ src
   └─ main
      └─ webapp
         ├─ include
         │  └─ common
         │     ├─ footer.jsp
         │     ├─ header.jsp
         │     └─ menu.jsp
         ├─ jsp-include-tag.jsp
         └─ index.jsp

Maven Dependencies

<dependency>
  <groupId>javax.servlet</groupId>
  <artifactId>jstl</artifactId>
  <version>1.2</version>
</dependency>
