When submitting form using get method if we pass # character in any field it skips all parameter after that field.
e.g.
bookmy_car.php?pod=6&room_id=32&starthour=14&startminute=00&startday=07&startmonth=08&startyear=2015&endhour=16&endminute=00&endday=07&endmonth=08&endyear=2015&end_date=1438927200&email_conf=1&cost_code=&desc=Trip description&trip_comment=#&day_rate=68.00&hourly_rate=6.60&hourly_km_rate=0.35&dur_hours=2
hours&location_charge=0.00&damage_cover_charge=5.00&total_free_kms=&longterm=0&rt=&minbooking=3600&returl=&returl_newid=&rep_id=&edit_type=&insPlanid=3&plan_name=goOccasional&id=3&driver_username_id=2&
How do we protect it? I tried escape() and encodeURI() function of JavaScript, it does not help.
I agree with #dgsq . But i prefer using only encodeURI so that he can get the uri as it is in the next page.
alert( encodeURI('&trip_comment=#&day_rate=68.00') )
It happens because with hashbang in query string # it is interpreted as location.hash and hot processed as GET parameters. You need to properly encode URI before you use it. For example with encodeURIComponent:
alert( encodeURIComponent('trip_comment=#') )
Related
When I hit the page /login?email=abc+dev#xyz.com
In Ruby's Controller,
The Parameters are: {"email"=>"abc dev#xyz.com"}
+ is missing in this parmas.
What is the correct way to get email in parameters ?
encode URI will give me same(that is, URI::encode("abc+dev#xyz.com") is equals to "abc+dev#xyz.com")
You can use Rack::Utils.escape()
Rack::Utils.escape("abc+dev#xyz.com")
# => "abc%2Bdev%40xyz.com"
Or with Javascript you can use encodeURIComponent()
encodeURIComponent("abc+dev#xyz.com")
"abc%2Bdev%40xyz.com"
I am using the below call to Twitter API
https://api.twitter.com/1.1/search/tweets.json?q=#iosgames
I get the response:
{"errors":[{"code":25,"message":"Query parameters are missing."}]}
According the this the only parameter that is required is q for the query string.
The issue isn't with my OAuth as it fine with the status/user calls.
What am I missing?
The pound sign (or hash sign, if you prefer) is one of those which must be encoded in order to be sent in a URL. # is represented by %23, so your request should be for:
https://api.twitter.com/1.1/search/tweets.json?q=%23iosgames
You need to url-encode your hashtag:
https://api.twitter.com/1.1/search/tweets.json?q=%23iosgames
Reference
I would like to know how I can escape / in angularjs so that I can send it as a path variable to call a restful service. As of now I am getting 404 whenever I try to send a url with path variable values having /; even if I encode it doesn't work.
For example
http://monish.home.com/payment/9a2c1ae67d4ff85e561679fcff/credit/%252B8VMWj/YBC%252FNj3l/fetch/options
Is there a way where I can encode and escape the /?
Yes, its called encodeURIComponent
var a = 'http://monish.home.com/payment/9a2c1ae67d4ff85e561679fcff/credit/%252B8VMWj/YBC%252FNj3l/fetch/options'
encodeURIComponent(a); // result: "http%3A%2F%2Fmonish.home.com%2Fpayment%2F9a2c1ae67d4ff85e561679fcff%2Fcredit%2F%25252B8VMWj%2FYBC%25252FNj3l%2Ffetch%2Foptions"
I am trying to pass the Euro ( € ) sign as url parameter in my spring jsp. What is the right way to do so ? I tried the following with no avail. Problem is the character is getting encoded properly but not getting decoded from my destination jsp.
I am using
<%#page contentType="text/html;charset=UTF-8" %>
Here is the calling jsp:
<script>
...
// params contains the euro sign
document.location='dest.jsp?p='+escape(params);
In the dest.jsp
<input type="hidden" id="par" value="${param.p}">
and in a script in the same page
console.log($('#par').val())
when I use escape(params) I get the url as %u20AC . But no (empty) values in the dest.jsp
when I use encodeURI(params) or encodeURIComponent I get url as € . But the value in dest.jsp as ⬠- something which I can't use to render as euro sign
I'm going to assume you are using Tomcat because that's what I tested with and we get the same result.
What you will want to do is open up your Tomcat servlet.xml file and find the HTTP connector and add the useBodyEncodingForURI attribute with the value true.
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1"
redirectPort="8443" useBodyEncodingForURI="true">
</Connector>
Then, you will want to register a CharacterEncodingFilter to set the HttpServletRequest character encoding.
You can read more about this behavior in my answer here:
Character encoding in query string, hebrew
You need indeed to encode the € sign which should give %E2%82%AC using UTF-8. You need to be careful with the encoding you use on both ends.
Something like URLEncoder.encode(url, "UTF-8") on the client would do.
If you are using Spring, org.springframework.web.util.UriUtils has also nice utilities you can use.
If the decoding issue is on the server, you need first to make sure that your web container decodes the URI with the proper encoding.
Tomcat decodes URI with ISO-8859-1 by default so you need to update your connector configuration
<Connector port="8080" ...
URIEncoding="UTF-8"/>
See the following answers
Spring MVC: How to store € character?
Getting question mark instead accented letter using spring MVC 3
I think that org.springframework.web.filter.CharacterEncodingFilter should help here.
Try it with and without your encodeURI(params)
I am facing 1 issue with localStorage
I am storing the value like below in localStorage using Set
elibom!%5E!fyzqrutc5%3b47<47568%255>%3f8<%3f5%3a
and passing that param to the ajax call but in browser console its replacing with the following
elibom!%255E!fyzqrutc5%253b47%253C47568%25255%253E%253f8%253C%253f5%253a
Whats the issue is this how to fix it I know its decoding the string but how to fix this
You can use encodeURIComponent/decodeURIComponent to solve this issue.
encodeURIComponent("elibom!%5E!f<%")
// -> "elibom!%255E!f%3C%25"
decodeURIComponent("elibom!%255E!f%3C%25")
// -> "elibom!%5E!f<%"
Before handing your string over to the AJAX call, do the encoding (don't use encodeURI - this will not replace &, +, and =) and after that, decode again.