url 中的 escaping 特殊字符
[英]escaping special character in a url
问题描述
I am using a url to open a html page, and i am sending data in querystring withe the page url.
我正在使用 url 打开 html 页面,并且我正在使用页面 url 的查询字符串中发送数据。
For example: abc.html?firstParameter=firstvalue&seconedParameter=seconedvalue例如: abc.html?firstParameter=firstvalue&seconedParameter=seconedvalue
Problem is that if firstvalue or secondvalue in parameter contains special character like #,(,),%,{ , then my url is not constructing well.问题是如果参数中的firstvalue或secondvalue包含特殊字符,如#,(,),%,{ ,那么我的 url 构造不好。 In this case url is not validating.在这种情况下 url 没有验证。 I am doing all this in javascript .我在javascript做这一切。 Can any body please help me out this.任何人都可以帮我解决这个问题。
2 个解决方案
解决方案1
19 已采纳 2012-05-27 06:23:17
You have 3 options:您有 3 个选择:
escape() will not encode: @*/+
encodeURI() will not encode: ~!@#$&*()=:/,;?+'
encodeURIComponent() will not encode: ~!*()'
But in your case, if you want to pass a url into a GET parameter of other page, you should use escape or encodeURIComponent, but not encodeURI.但是在您的情况下,如果您想将 url 传递到其他页面的 GET 参数中,您应该使用转义或 encodeURIComponent,而不是 encodeURI。
解决方案2
6 2014-01-01 21:11:37
To be safe and ensure that you've escaped all the reserved characters specified in both RFC 1738 and RFC 3986 you should use a combination of encodeURIComponent, escape and a replace for the asterisk('*') like this:为了安全并确保您已经转义了 RFC 1738 和 RFC 3986 中指定的所有保留字符,您应该使用 encodeURIComponent、escape 和替换星号('*')的组合,如下所示:
encoded = encodeURIComponent( parm ).replace(/[!'()]/g, escape).replace(/\*/g, "%2A");
[Explanation] While RFC 1738: Uniform Resource Locators (URL) specifies that the *, !, ', ( and ) characters may be left unencoded in the URL, [说明] 虽然 RFC 1738: Uniform Resource Locators (URL) 指定 *、!、'、( 和 ) 字符可以保留在 URL 中未编码,
Thus, only alphanumerics, the special characters "$-_.+!*'(),", and reserved characters used for their reserved purposes may be used unencoded within a URL.
RFC 3986, pages 12-13, states that these special characters are reserved as sub-delimiters. RFC 3986 第 12-13 页指出,这些特殊字符被保留为子分隔符。
reserved = gen-delims / sub-delims
gen-delims = ":" / "/" / "?"
sub-delims = "!"
The escape() function has been deprecated but can be used to URL encode the exclamation mark, single quote, left parenthesis and right parenthesis. escape() 函数已被弃用,但可用于对感叹号、单引号、左括号和右括号进行 URL 编码。 And since there is some ambiguity on whether an asterisk must be encoded in a URL, and it doesn't hurt to encode, it you can explicitly encode is using something like the replace() function call.并且由于是否必须在 URL 中编码星号存在一些歧义,并且编码并没有什么坏处,因此您可以使用诸如 replace() 函数调用之类的方法进行显式编码。 [Note that the escape() function is being passed as the second parameter to the first replace() function call . [请注意,escape() 函数作为第二个参数传递给第一个 replace() 函数调用。 As used here, replace calls the escape() function once for each matched special character of !, ', ( or ), and escape merely returns the 'escape sequence' for that character back to replace, which reassembles any escaped characters with the other fragments.]如此处所用,replace 为 !、'、( 或 ) 的每个匹配的特殊字符调用一次 escape() 函数,escape 仅返回该字符的“转义序列”以供替换,从而将任何转义字符与另一个重新组合片段。]
Also see 'https://stackoverflow.com/questions/6533561/urlencode-the-asterisk-star-character'另请参阅“https://stackoverflow.com/questions/6533561/urlencode-the-asterisk-star-character”
Also while some websites have even identified the asterkisk(*) as being a reserved character under RFC3986, they don't include it in their URL component encoding tool .此外,虽然一些网站甚至将 asterkisk(*) 标识为 RFC3986 下的保留字符,但它们并未将其包含在其 URL 组件编码工具中。
Unencoded URL parms:未编码的 URL 参数:
parm1=this is a test of encoding !@#$%^&*()'
parm2=note that * is not encoded
Encoded URL parms:编码的 URL 参数:
parm1=this+is+a+test+of+encoding+%21%40%23%24%25%5E%26*%28%29%27
parm2=note+that+*+is+not+encodeds+not+encoded
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.