what is the c# equivalent to javascript's unescape()? - javascript

I am trying to analyse some JavaScript, and one line is
var x = unescape("%u4141%u4141 ......");
with lots of characters in form %uxxxx.
I want to rewrite the JavaScript in c# but can't figure out the proper function to decode a string of characters like this. I've tried
HttpUtility.HTMLDecode("%u4141%u4141");
but this did not change these characters at all.
How can I accomplish this in c#?

You can use UrlDecode:
string decoded = HttpUtility.UrlDecode("%u4141%u4141");
decoded would then contain "䅁䅁".
As other have pointed out, changing the % to \ would work, but UrlDecode is the preferred method, since that ensures that other escaped symbols are translated correctly as well.

You need HttpUtility.UrlDecode. You shouldn't really be using escape/unescape in most cases nowadays, you should be using things like encodeURI/decodeURI/encodeURIComponent.
When are you supposed to use escape instead of encodeURI / encodeURIComponent?
This question covers the issue of why escape/unescape are a bad idea.

You can call bellow method to achieve the same effect as Javascript escape/unescape method
Microsoft.JScript.GlobalObject.unescape();
Microsoft.JScript.GlobalObject.escape();

Change the % signs to backslashes and you have a C# string literal. C# treats \uxxxx as an escape sequence, with xxxx being 4 digits.

In basic string usage you can initiate string variable in Unicode:
var someLine="\u4141";
If it is possible - replace all "%u" with "\u".

edit the web.config the following parameter:
< globalization requestEncoding="iso-8859-15" responseEncoding="utf-8" >responseHeaderEncoding="utf-8" in < system.web >

Related

PHP/JavaScript: How to encode/decode strings best?

I need to encode a string with Javascript and would like to decode it with PHP (code below).
Unfortunately the usual functions like urlencode(), encodeURIComponent(), etc. will not work in this case, because my PHP framework interprets slashes / as separators, even the encoded ones.
The string length is in a range of 1 to 50 chars. Encrypting isn't the focus, rather performance.
Does anyone know a good alternative to base64?
Javascript
var str = doEncode("I'm a String with special chars!§$%&/()");
window.location = "http://localhost/script.php?encoded_string=" + str;
PHP
$str = doDecode($_GET["encoded_string"]);
echo $str; // I'm a String with special chars!§$%&/()
Thanks in advance!
Agree with user2864740
Or you can use Base32
since you have only 50.
Well, perhaps php bson. Read more at BSON. Its popularised or used by MongoDB but maybe check it out for alternatives to basexxx

How to find out if a given string is HTML Escaped or not?

Is there any method to find out if the given string is HTML Escaped or not?
Consider the following javascript code:
<script>
var str="hello";
var str_esc=escape(str);
document.write(isHTMLEscaped(str)) // *Should print False*
document.write(isHTMLEscaped(str_esc)); // *Should print True*
</script>
Is there any method equivalent to isHTMLEscaped in the above case?
I found that using
escape(unescape(str))
will always provide an escaped string. And the unescape string will do nothing unless the string itself contains escaped expressions.
Note: should have used encodeURI(decodeURI(str)) instead as escape is now depreciated.
As "hello"==escape("hello"), no, you can't at all guess if escaping was applied.
If you want to know if it's probable that the string has been escaped, then you might test
var wasProbablyEscaped = /%\d\d/.test(str);
var wasProbablyNotEscaped = !wasProbablyEscaped && /%\d\d/.test(escape(str));
as escaping adds % followed by two digits when something has to be escaped. But you can't be totally sure as some strings don't change when you escape them.
In your case, I'd probably advise you not to escape if wasProbablyEscaped is true.

Too many quotes within quotes -- what to do?

Here is a section of code used by CKEditor on my website:
CKEDITOR.config.IPS_BBCODE = {"acronym":{"id":"8","title":"Acronym","desc":"Allows you to make an acronym that will display a description when moused over","tag":"acronym","useoption":"1","example":"[acronym='Laugh Out Loud']lol[/acronym]", ...
If you scroll to the right just a little, you will see this:
"[acronym='Laugh Out Loud']lol[/acronym]"
I need to store all of the CKEditor code inside a javascript string, but I can't figure out how to do it because the string has both " and ' in it. See the problem? Furthermore, I don't think I can just escape the quotes because I tried doing that and the editor didn't work.
Any idea what I can do?
You might try taking the string and injecting JavaScript escape codes into it. JavaScript can essentially use any unicode value when using the format: \u#### - so, for a ' character, the code is \u0039, and for the " character, the code is \u0034.
So - you could encode your example portion of the string as:
\u0034[acronym=\u0039Laugh Out Loud\u0039]lol[/acronym]\u0034
Alternatively, you could attempt to simply escape the quotes as in:
\"[acronym=\'Laugh Out Loud\']lol[/acronym]\"
The problem here occurs when you wind up with this kind of situation:
"data:{'prop1':'back\\slash'}"
Which, when escaped in this manner, becomes:
"data:{\'prop\':\'back\\\\slash\'}\"
While this is somewhat more readable than the first version - de-serializing it can be a little tricky when going across object-spaces, such as a javascript object being passed to a C# parser which needs to deserialize into objects, then re-serialize and come back down. Both languages use \ as their escape character, and it is possible to get funky scenarios which are brain-teasers to solve.
The advantage of the \u#### method is that only JavaScript generally uses it in a typical stack - so it is pretty easy to understand what part should be unescaped by what application piece.
hmm.. you said you already tried to escape the quotes and it gave problems.
This shouldn't give problems at all, so try this:
$newstring = addslashes($oldstring);
There's no need to use Unicode escape sequences. Just surround your string with double quotes, and put a backslash before any double quotes within the string.
var x = "\"[acronym='Laugh Out Loud']lol[/acronym]\"";

encoding json to string

I'm interested how does google encode POST params.
In one of a application I've found the following approach, let say I have the following object:
selection={"ty":"mc","cl":{"loc_type":0,"si":9,"aps":false},"sr":[]}
In POST request it takes the following form:
selection=%7B%22ty%22%3A%22mc%22%2C%22cl%22%3A%7B%22loc_type%22%3A0%2C%22si%22%3A9%2C%22aps%22%3Afalse%7D%2C%22sr%22%3A%5B%5D%7D
Which is method is applied here?
The same effect can be achieved by using encodeURIComponent and JSON.stringify functions:
"selection=" + encodeURIComponent(JSON.stringify(selection))
It's simply URL encoding
Check out the built-in function encodeURIComponent(str) and encodeURI(str)
the method in javascript is called encodeURIComponent() write
alert(encodeURIComponent('{"ty":"mc","cl":{"loc_type":0,"si":9,"aps":false},"sr":[]}'));
It is called URL-Encoding.
It replaces non-ASCII characters and characters that have a special meaning in the URI scheme with a ASCII representation: Each character that isn't printable will be written as %xy where xy is the index inside the ASCII table of that character.
There are many programming languages supporting it out-of-the-box:
In JavaScript you can use the encodeURIComponent() or encodeURI() function.
You can easily invoke it like this, e.g.:
var myjson = '{my:json}';
url_encoded_json = encodeURIComponent( myjson );
alert(url_encoded_json);
In other languages:
PHP has the rawurlencode() function.
ASP has the Server.URLEncode() function.
Python has the urllib.urlencode() function.
Java has the java.net.URI(url).toASCIIString() function

Some encoded Javascript that I need in plain text

I'm having some issues trying to decode some javascript.. I have no idea what kind of encoding this is.. i tried base 64 decoders etc. If you can please help me out with this, here's a fragment of the code:
\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C","\x61\x70\x70\x34\x39\x34\x39\x3
Any ways I can get plain text from that?
Thanks!
\xNN is an escape sequence. NN is a hexidecimal number (00 to FF) that represents a Latin-1 character.
Escape sequences are interpreted literally within a string. So:
"\x69" === "i" // true
The escape() function encodes a
string.
This function makes a string portable,
so it can be transmitted across any
network to any computer that supports
ASCII characters.
This function encodes special
characters, with the exception of: * #
- _ + . /
The reverse of escape() is the unescape() function.
Try this:
alert(unescape("\x69\x6E\x6E\x65\x72\x48\x54\x4D\x4C\x61\x70\x70\x34\x39\x34\x39\x3"));
Edit: As J-P mentioned unescape isn't really needed here after all.
These are simply hex-values of symbols.
\x69 = i, etc. First several letters: "innerHTML", "ap…"
I think you should use window.unescape(), or unescape()

Categories