URI escape / unescape from Javascript to Perl

Question

I have an URL that javascript reads from an user input. Here is a part of javascript code:

document.getElementById("Snd_Cont_AddrLnk_BG").value=encodeURI(document.getElementById("Con_AddresWeb_BG").value.toString());

Then I post the value of the string through CGI to a Perl Script (here is a part of perl code):

#!/usr/bin/perl -w
##
##

use strict;
use CGI;
use CGI::Carp qw ( fatalsToBrowser );
use URI::Escape;

my $C_AddrLnk_BG=$query->param("Snd_Cont_AddrLnk_BG");

my $lst_upload_dir="../data";
my $lst_file_bg=$lst_upload_dir."/contacts_bg.js";

open(JSBG,">$lst_file_bg") || die "Failed to open $lst_file_bg\n";
printf JSBG "var GMapLink_bg=\"".uri_unescape($C_AddrLnk_BG)."\";\n";
close JSBG;
system("chmod 777 $lst_file_bg");

Somewhere in uri_unescape a problem occurs: The original string from input is:

https://www.google.bg/maps/place/42%C2%B044'15.0%22N+23%C2%B019'04.2%22E/@42.7368454,23.317962,16z/data=!4m2!3m1!1s0x0:0x0

The string after javascript encodeURI() is:

https://www.google.bg/maps/place/42%25C2%25B044'15.0%2522N+23%25C2%25B019'04.2%2522E/@42.7368454,23.317962,16z/data=!4m2!3m1!1s0x0:0x0

And the script after perl uri_unescape() that is printed in file is:

https://www.google.bg/maps/place/42%C2%B044'15.0%22N+23%C2%B019'04.2          0.000000E+00/@42.7368454,23.317962,16z/data=!4m2!3m1!1s0x0:0x0

I can not ascertain whether the problem is in unescaping or printing, but the part

%2522E

is interpreted as

  0.000000E+00 

(with 10 leading spaces).

Can anyone help me with an idea of what I was doing wrong?

Answer 1

There are numerous problems with your code.

 document.getElementById("Snd_Cont_AddrLnk_BG").value = encodeURI(document.getElementById("Con_AddresWeb_BG").value.toString()); 

I can't figure out when you think encodeURI here. All you should have is the following:

document.getElementById("Snd_Cont_AddrLnk_BG").value =
    document.getElementById("Con_AddresWeb_BG").value;

 printf JSBG "var GMapLink_bg=\\"".uri_unescape($C_AddrLnk_BG)."\\";\\n"; 

Now the erroneous encodeURI is removed, uri_unescape needs to be removed too.

Furthermore, adding quotes around text doesn't always make it a valid JavaScript literal. The easiest way to do that is as follows:

use JSON qw( );

my $json = JSON->new()->allow_nonref();
$json->encode($C_AddrLnk_BG)

That snippet also misuses printf . printf takes a format parameter, so you want

printf FH "%s", ...

or simply

print FH ...

So what you end up with is:

use JSON qw( );

my $json = JSON->new()->allow_nonref();
$json->encode($C_AddrLnk_BG)
print JSBG "var GMapLink_bg=" . $json->encode($C_AddrLnk_BG) ."\n";

---

Answer 2

You are using printf instead of print to output the result of uri_unescape . It is interpreting %22E as an engineering-format floating point field with a width of 22. Presumable you have nothing else in the printf parameter list, so undef is being evaluated as zero, resulting in 0.000000E+00 .

If you had use warnings in place as you should, you would see messages like Missing argument in printf