[英]Special Characters in URL query string
I have a situation where the user is able to enter any characters they want in a URL query string.我有一种情况,用户可以在 URL 查询字符串中输入他们想要的任何字符。
Example:例子:
http://localhost/default.aspx?ID=XXXX http://localhost/default.aspx?ID=XXXX
http://localhost/default.aspx?ID=&XXXX http://localhost/default.aspx?ID=&XXXX
http://localhost/default.aspx?ID=#XXXX http://localhost/default.aspx?ID=#XXXX
The web page must accept the ID parameter as it is no matter what the characters are. web 页面必须接受 ID 参数,因为无论字符是什么。 However certain special characters such as ampersand(&) and pound(#) creates problems.然而,某些特殊字符,如 & 和磅 (#) 会产生问题。 How can I accept them as is?我怎样才能按原样接受它们?
This:这个:
encodeURIComponent(uri)
Where uri
is the component after the ?ID=
uri
是?ID=
之后的组件
If the user is entering the query string, they must properly encode the query string first.如果用户正在输入查询字符串,他们必须首先正确编码查询字符串。 If you are creating the query string yourself, such as from a form submission, you will need to use a URL encode method.如果您自己创建查询字符串,例如从表单提交,您将需要使用 URL 编码方法。
Encode your URL HttpServerUtility.UrlEncode Method (String)编码您的 URL HttpServerUtility.UrlEncode 方法(字符串)
Edit: following your comment, you want to get query String value of ID
编辑:根据您的评论,您想要获取ID
的查询字符串值
String id = Request.QueryString["ID"];
Use利用
userinput = escape(userinput)
then, in PHP:然后,在 PHP 中:
$userinput = urldecode($_GET['id'])
or in JS:或在 JS 中:
userinput = unescape(userinput)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.