<html>
<body>
Hello ${params.name}
</body>
</html>
8.2.1.4 Expressions
Version: 3.2.3
8.2.1.4 Expressions
In GSP the <%= %>
syntax introduced earlier is rarely used due to the support for GSP expressions. A GSP expression is similar to a JSP EL expression or a Groovy GString and takes the form ${expr}
:
However, unlike JSP EL you can have any Groovy expression within the ${..}
block.
Embedding data received from user input has the risk of making your application vulnerable to an Cross Site Scripting (XSS) attack. Please read the documentation on XSS prevention for information on how to prevent XSS attacks. |