Different format of querystring - javascript

Generally, We are using querystring to get the detail from the url. I am using the url like:
"example.com?q=abc"
in php with javascript. I need to use the url like
"example.com/abc"
Is it possible to use url like this "example.com/abc" ?

By definition, the QueryString is what is after the first question mark, see https://en.wikipedia.org/wiki/Query_string for example.
So your second url does not contain a QueryString. But it does not mean you cannot get the "abc" value with JavaScript: you can get the full url via
window.location.href
and then you can parse it.

Related

JavaScript source tag attributes

<script language="Javascript" src="js/configurationJS.js?cid=${buildnumber}" type="text/javascript"></script>
I Have a Script tag like above and i don't know the purpose of ? before cid and also what cid=${buildnumber} indicates.
Thanks in advance.
The parameters can be get or post.
The get ones are shown in the url in this format:
url?param1=value1&param2=value2&param3=value3
In your configurationJS.js url you are passing a buildnumber value to the cid parameter.
For get request type and for passing any data (eg. id) from one page to another page, we append query params in URL and to differentiate the URL path and query params we use "?" symbols.
"?" act as separator, it indicates end of URL base path and start of query params.

How to set Metatitle for a user-entered javascript hashed URL via PHP

I want to set a specific metatitle to a javascript hashed url. I want to set it via PHP so that when google crawls it the metatitle is already there.
An example of a page: https://weslaydragons.com/en/shop/#!/men+long+sleeve+shirts?q=P25
In this url /en/shop/ is the wordpress page, and #!/men+long+sleeve+shirts?q=P25 is set by javascript.
I have this code in the functions.php to try to set the title:
if (is_page(194) and (strpos($url, 'men+long+sleeve+shirts') !== false))
{$new_title = "long sleevetitle";};
return $new_title;
But how do I get 'men+long+sleeve+shirts' or '?q=P25' in the $url variable?
Is there a way to get the user-entered url in PHP?
You can use combination of strpos() and substr();
Like this:
$string = "https://weslaydragons.com/en/shop/#!/men+long+sleeve+shirts?q=P25";
var_dump(substr($string,strpos($string,'?'))); // output '?q=P25'
It will cut whole string and leave only the part from ? to end.
Explode method:
Or you can use alternate, explode method like this, which will ensure that it will target only last element with question mark.
$string= "https://weslaydragons.com/en/shop/#!/men+long+sleeve+shirts?q=P25";
$string2= explode('?',$string);
var_dump(end($string2)); // output 'q=P25'
Edit:Both methods would work with "#" also, just replace '?' with '#'.
Refs:
http://php.net/manual/bg/function.strpos.php
http://php.net/manual/bg/function.substr.php
http://php.net/manual/bg/function.end.php
http://php.net/manual/bg/function.explode.php

Javascript Url Replace

So currently, I have my url like this: http://localhost:8000/fund_monitor/fund_details/fundaccountid=4&transmission=3&startDate=2017-08-01&endDate=2017-08-02/
Then when I redirect the url using windows.location.replace(url), the url becomes like this: http://localhost:8000/fund_monitor/fund_details/fundaccountid%3D4&transmission%3D3&startDate%3D2017-08-01&endDate%3D2017-08-02/
So the equal sign gets converted to another format. Is there a way to retain the original format?
Thanks
It might be because the URL is not in a valid format. It's format is roughly protocol://host:port/path?query_params[1], where query_params looks like a=1&b=2 etc. But you do need the ? to separate the path from your parameters. Whatever you're using seems to treat the part fundaccountid=4&transmission=3&startDate=2017-08-01&endDate=2017-08-02/ as a path, and url encodes it so it can be a proper path. Perhaps try to write the URL as: http://localhost:8000/fund_monitor/fund_details?fundaccountid=4&transmission=3&startDate=2017-08-01&endDate=2017-08-02
and see if that works.
Though it will mean some changes to your backend.
[1] The full format you can see on Wikipedia or RFC 3986
You can use decodeURIComponent().
The decodeURIComponent() function decodes a Uniform Resource Identifier (URI) component previously created by encodeURIComponent or by a similar routine.
var url = 'http://localhost:8000/fund_monitor/fund_details/fundaccountid%3D4&transmission%3D3&startDate%3D2017-08-01&endDate%3D2017-08-02/';
console.log(decodeURIComponent(url));

What is the right way to safely and accurately insert user-provided URL data into an HTML5 document?

Given an arbitrary customer input in a web form for a URL, I want to generate a new HTML document containing that URL within an href. My question is how am I supposed to protect that URL within my HTML.
What should be rendered into the HTML for the following URLs that are entered by an unknown end user:
http://example.com/?file=some_19%affordable.txt
http://example.com/url?source=web&last="f o o"&bar=<
https://www.google.com/url?source=web&sqi=2&url=https%3A%2F%2Ftwitter.com%2F%3Flang%3Den&last=%22foo%22
If we assume that the URLs are already uri-encoded, which I think is reasonable if they are copying it from a URL bar, then simply passing it to attr() produces a valid URL and document that passes the Nu HTML checker at validator.w3.org/nu.
To see it in action, we set up a JS fiddle at https://jsfiddle.net/kamelkev/w8ygpcsz/2/ where replacing the URLs in there with the examples above can show what is happening.
For future reference, this consists of an HTML snippet
<a>My Link</a>
and this JS:
$(document).ready(function() {
$('a').attr('href', 'http://example.com/request.html?data=>');
$('a').attr('href2', 'http://example.com/request.html?data=<');
alert($('a').get(0).outerHTML);
});
So with URL 1, it is not possible to tell if it is URI encoded or not by looking at it mechanically. You can surmise based on your human knowledge that it is not, and is referring to a file named some_19%affordable.txt. When run through the fiddle, it produces
My Link
Which passes the HTML5 validator no problem. It likely is not what the user intended though.
The second URL is clearly not URI encoded. The question becomes what is the right thing to put into the HTML to prevent HTML parsing problems.
Running it thru the fiddle, Safari 10 produces this:
My Link
and pretty much every other browser produces this:
My Link
Neither of these passes the validator. Three complaints are possible: the literal double quote (from un-escaping HTML), the spaces, or the trailing < character (also from un-escaping HTML). It just shows you the first of these it finds. This is clearly not valid HTML.
Two ways to try to fix this are a) html-escape the URL before giving it to attr(). This however results in every & becoming & and the entities such as & and < become double-escaped by attr(), and the URL in the document is entirely inaccurate. It looks like this:
My Link
The other is to URI-encode it before passing to attr(), which does result in a proper validating URL which actually clicks to the intended destination. It looks like this:
My Link
Finally, for the third URL, which is properly URI encoded, the proper HTML that validates does come out.
My Link
and it does what the user would expect to happen when clicked.
Based on this, the algorithm should be:
if url is encoded then
pass as-is to attr()
else
pass encodeURI(url) to attr()
however, the "is encoded" test seems to be impossible to detect in the affirmative based on these two prior discussions (indeed, see example URL 1):
How to find out if string has already been URL encoded?
How to know if a URL is decoded/encoded?
If we bypass the attr() method and forcibly insert the HTML-escaped version of example URL 2 into the document structure, it would look like this:
My Link
Which seemingly looks like valid HTML, yet fails the HTML5 validator because it unescapes to have invalid URL characters. The browsers, however, don't seem to mind it. Unfortunately, if you do any other manipulation of the object, the browser will re-escape all the &'s anyway.
As you can see, this is all very confusing. This is the first time we're using the browser itself to generate the HTML, and we are not sure if we are getting it right. Previously, we did it server side using templates, and only did the HTML-escape filter.
What is the right way to safely and accurately insert user-provided
URL data into an HTML5 document (using JavaScript)?
If you can assume the URL is either encoded or not encoded, you may be able to get away with something along the lines of this. Try to decode the URL, treat an error as the URL not being encoded and you should be left with a decoded URL.
<script>
var inputurl = 'http://example.com/?file=some_19%affordable.txt';
var myurl;
try {
myurl = decodeURI(inputurl);
}
catch(error) {
myurl = inputurl;
}
console.log(myurl);
</script>

extracting id from url user input in javascript

i would like to extract part of a url and not sure what is the best practice for going about that. the url input format would be like: https://somesite.com/video/123456 i would like to extract the video id which is 123456so i can use at another place. any thoughts or suggestion would be appreciated. I am not sure how to use a split or if using regex would be better.
If your URL format is consitent just use the following
var url = "https://somesite.com/video/123456";
var id = url.split("/")[4]

Categories