一、HTML注释
<!--注释内容-->
二、JSP注释
<%--注释内容--%>
三、HTML注释和JSP注释的区别:
3.1 HTML注释会被JSP翻译引擎翻译到Servlet的out.write()中,而JSP注释则会被JSP翻译引擎忽略,在Servlet中是看不到的。
3.2 在客户端浏览器查看源码时,HTML注释是可以查看到的,但JSP注释在客户端是查看不到的。
四、示例
4.1 jsp源码
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>first_jsp</title> </head> <body> <!-- HTML注释 --> <%--JSP注释 --%> My First jsp! </body> </html>
4.2 经Tomcat遵循JSP规范将该JSP页面翻译的.java源文件如下:
/* * Generated by the Jasper component of Apache Tomcat * Version: Apache Tomcat/7.0.85 * Generated at: 2019-01-22 17:21:18 UTC * Note: The last modified time of this file was set to * the last modified time of the source file after * generation to assist with modification tracking. */ package org.apache.jsp; import javax.servlet.*; import javax.servlet.http.*; import javax.servlet.jsp.*; public final class index_jsp extends org.apache.jasper.runtime.HttpJspBase implements org.apache.jasper.runtime.JspSourceDependent { private static final javax.servlet.jsp.JspFactory _jspxFactory = javax.servlet.jsp.JspFactory.getDefaultFactory(); private static java.util.Map<java.lang.String,java.lang.Long> _jspx_dependants; private volatile javax.el.ExpressionFactory _el_expressionfactory; private volatile org.apache.tomcat.InstanceManager _jsp_instancemanager; public java.util.Map<java.lang.String,java.lang.Long> getDependants() { return _jspx_dependants; } public javax.el.ExpressionFactory _jsp_getExpressionFactory() { if (_el_expressionfactory == null) { synchronized (this) { if (_el_expressionfactory == null) { _el_expressionfactory = _jspxFactory.getJspApplicationContext(getServletConfig().getServletContext()).getExpressionFactory(); } } } return _el_expressionfactory; } public org.apache.tomcat.InstanceManager _jsp_getInstanceManager() { if (_jsp_instancemanager == null) { synchronized (this) { if (_jsp_instancemanager == null) { _jsp_instancemanager = org.apache.jasper.runtime.InstanceManagerFactory.getInstanceManager(getServletConfig()); } } } return _jsp_instancemanager; } public void _jspInit() { } public void _jspDestroy() { } public void _jspService(final javax.servlet.http.HttpServletRequest request, final javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException { final javax.servlet.jsp.PageContext pageContext; javax.servlet.http.HttpSession session = null; final javax.servlet.ServletContext application; final javax.servlet.ServletConfig config; javax.servlet.jsp.JspWriter out = null; final java.lang.Object page = this; javax.servlet.jsp.JspWriter _jspx_out = null; javax.servlet.jsp.PageContext _jspx_page_context = null; try { response.setContentType("text/html; charset=UTF-8"); pageContext = _jspxFactory.getPageContext(this, request, response, null, true, 8192, true); _jspx_page_context = pageContext; application = pageContext.getServletContext(); config = pageContext.getServletConfig(); session = pageContext.getSession(); out = pageContext.getOut(); _jspx_out = out; out.write(" "); out.write("<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> "); out.write("<html> "); out.write("<head> "); out.write("<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> "); out.write("<title>first_jsp</title> "); out.write("</head> "); out.write("<body> "); out.write("<!-- HTML注释 --> "); out.write(" "); out.write("My First jsp! "); out.write("</body> "); out.write("</html>"); } catch (java.lang.Throwable t) { if (!(t instanceof javax.servlet.jsp.SkipPageException)){ out = _jspx_out; if (out != null && out.getBufferSize() != 0) try { if (response.isCommitted()) { out.flush(); } else { out.clearBuffer(); } } catch (java.io.IOException e) {} if (_jspx_page_context != null) _jspx_page_context.handlePageException(t); else throw new ServletException(t); } } finally { _jspxFactory.releasePageContext(_jspx_page_context); } } }
我们可以看到只有HTML注释被out.write()到客户端了。所以我们到客户端浏览器查看源码,其截图如下:
经过上面我们总结出,如果注释内容相对的安全保密则我们用JSP注释,否则的话用HTML注释。但一般遵循安不安全都使用JSP注释为最佳原则。服务端源码能看到就行,不让你客户端看到本程序代码的注释内容。
