I have a string in JS side which is url.QueryEscaped.
Spaces were replaced with + sign by url.QueryEscape. They don't get converted back to space in decodeURIComponent. Should I manually do a string replace all + with space? What is the right way to decode it?
One simple method is to replace all the + characters with spaces prior to decoding. For example:
decodeURIComponent("%2f+%2b".replace(/\+/g, " "))
will correctly decode the string to "/ +". Note that it is necessary to perform the replacement prior to decoding, since there could be encoded + characters in the string.
If you control Go side, use url.PathEscape and then you can simply use decodeURIComponent without anything extra.
Related
When searching my db all special characters work aside from the "+" - it thinks its a space. Looking on the backend which is python, there is no issues with it receiving special chars which I believe it is the frontend which is Javascript
what i need to do is replace "+" == "%2b". Is there a way for me to use create this so it has this value going forth?
You can use decodeURIComponent('%2b'), or encodeUriComponent('+');
if you decode the response from the server, you get the + sign-
if you want to replace all ocurrence just place the whole string insde the method and it decodes/encodes the whole string.
I am creating some random strings with % as a symbol and some URI components (ex. %27), but I am unable to add % with characters following it. ex. %27. I am using the decodeURIComponent() because of some characters like ' (%27), " (%22).
//'Hello'
decodeURIComponent('%27Hello%27');
//No Output
decodeURIComponent('%Hello%');
Any idea on how to include % in a string and use decodeURIComponent.
decodeURIComponent is meant to decode the output of encodeURIComponent, which would never produce '%Hello%'. You probably don't need to call decodeURIComponent at all.
I have a grid with link button and on RowDatabound:
lbutton.Attributes.Add("onclick",
"javascript:window.showModalDialog('Showsome.aspx?ID=" + lbutton.CommandArgument + " &IsMA=M" +
"','window.self','dialogWidth:800px; dialogHeight:800px;center:yes; status:yes; scroll:no; help:no');");
I am able to retrieve ID from Request.QueryString["ID"];
However, I am not able to retrieve Request.QueryString["IsMA"]
How can this be achieved?
I tried the suggestions, no more spaces and did URL encode and I am not getting the value correctly. I have another approach since it is a hardcoded value 'M' that is needed along with the value I am now appending it in ID value itself 'Showsome.aspx?ID=M" . Thanks for you support.
Theres a space between the CommandArgument and &IsMA
Could this be causing your problem?
Try:
+ lbutton.CommandArgument + "&IsMA=M"
What is CommandArgument value? You may need to encode this. I would recommend doing this either way.
+ Server.UrlEncode(lbutton.CommandArgument) + "&IsMA=M"
Try removing the space before the ampersand character:
lbutton.CommandArgument + "&IsMA=M"
EDIT: As SLaks points out below, escaping the ampersand character is not necessary. Accordingly, the documentation for Attributes.Add() says:
If the string in the value parameter contains an ampersand (&), the
character is automatically encoded. The resulting HTML representation
is "&".
I have a web application where I am dynamically creating a url. The url has a parameter and I must pass a double quote. I have tried this all different ways but it is still not working. Anybody have any ideas?
To create the URL:
searchSurveyDetail.setSurveyFormURL(surveyDetail.getSurveyFormURL()+"#search="+ "\"" + searchValue + "\"");
on the Page:
onClick="window.open('${surveyDetail.surveyInstructionsURL}')"
The result:
onClick="window.open('http://www.mytest.com/survey1.pdf#search="company"')"
The short answer is you need to double escape the double quotes. So you need:
searchSurveyDetail.setSurveyFormURL(surveyDetail.getSurveyFormURL()+"#search="+ "\\\"" + searchValue + "\\\"");
which produces:
onClick="window.open('http://www.mytest.com/survey1.pdf#search=\"company\"')"
which will escape the quotes properly.
Couple of things to keep in mind:
This doesn't take care of double quotes in the search term itself. Make sure you escape that.
I'm not sure why you want to wrap the search term in double quotes. For a typical search url, you'll want a query string like: search=term not search="term" because you'll just end up stripping the quotes later. But maybe you need that for some reason.
I gather you're using PHP on the server side? In that case you should run the URL through htmlspecialchars() before concatenating it to the HTML.
I have an issue with submitting post data. I have a form which have a couple of text fields in, and when a button is pressed to submit the data, it is run through a custom from validation (JS), then I construct a query string like
title=test&content=some content
which is then submitted to the server. The problem I had is when I have '&' (eg  ) entered into one of the inputs which then breaks up the query string. Eg:
title=test&content=some content  
How do I get around this?
Thanks in advance,
Harry.
Run encodeURIComponent over each key and value.
var title = "test";
var content = "some content   ";
var data = encodeURIComponent('title') + /* You don't actually need to encode this as it is a string that only contains safe characters, but you would if you weren't sure about the data */
'=' + encodeURIComponent(title) +
'&' + encodeURIComponent('content') +
'=' + encodeURIComponent(content);
Encode the string..when you want to encode a query string with special characters you need to use encoding. ampersand is encoded like this
title=test&content=some content %26
basically any character in a query string can be replaced by its ASCII Hex equivalent with a % as the prefix
Space = %20
A = %41
B = %42
C = %43
...
You need to encode your query to make it URL-safe. You can refer to the following links on how to do that in JS:
http://xkr.us/articles/javascript/encode-compare/
http://www.webtoolkit.info/javascript-url-decode-encode.html
You said:
...and when a button is pressed to submit the data, it is run through a custom from validation (JS), then I construct a query string...
In the section where you are building the query string you should also run the value of each input through encodeURIComponent() as David Dorward suggested.
As you do - be careful that you only assign the new value to your processed query string and NOT the form element value, otherwise your users will think their input was somehow corrupted and potentially freak out.
[EDIT]
I just re-read your question and realized something important: you're encoding an   ;character. This is probably a more complicated issue than other posters here have read into. If you want that character, and other &code; type characters to transfer over you'll need to realize that they are codes. Those characters &, n, b, s, p and ; are not themselves the same as " " which is a space character that does not break.
You'll have to add another step of encoding/decoding. You can place this step either before of after the data is sent (or "POSTed").
Before:
(Using this question's answers)
var data = formElement.value;
data = rhtmlspecialchars(data, 0);
Which is intended to replace your "special" characters like with " " so that they are then properly encoded by encodeURIComponent(data)
Or after:
(using standard PHP functions)
<?PHP
$your_field_name = htmlspecialchars_decode(urldecode($_POST['your_field_name']));
?>
This assumes that you escaped the & in your POST with %26
If you replaced it with some function other than encodeURIComponent() you'll have to find a different way to decode it in PHP.
This should solve your problem:
encodeURIComponent(name)+'='+encodeURIComponent(value)+'&'+encodeURIComponent(name2)+'='+encodeURIComponent(value2)
You need to escape each value (and name if you want to be on the safe side) before concatenating them when you're building your query.
The JavaScript global function encodeURIComponent() does the escaping.
The global function escape() (DOM) does this for you in a browser. Although people are saying it is not doing the escaping well for unicode chars. Anyway if you're only concerned about '&' then this would solve your problem.