Comparison between encodeURI and encodeURIComponent, encodeuri

Source: Internet
Author: User

Comparison between encodeURI and encodeURIComponent, encodeuri

Both the encodeURI and encodeURIComponet functions are used in javascript to encode the URI and convert the relevant parameters into data in the UTF-8 encoding format. When URI is redirected to a location, non-ASCII codes such as Chinese and Japanese in the parameter are all encoded and converted.

For example:

Var str1 = "http://www.baidu.com/s? Wd = China & rsv_spt = 1 & issp = 1 & rsv_bp = 0 & ie = UTF-8 & tn = baiduhome_pg & inputT = 2526 "; window. location. href = str1;

The uri above contains Chinese characters, which cannot be identified during browser parsing and cannot be directly redirected. Transcoding required!

 

1. encodeURI: This method does not encode ASCII letters and numbers or these ASCII punctuation marks :-_.! ~ *'(). ASCII punctuation marks with special meanings in URI, such :;/? : @ & =+ $, # Is Not transcoded.

In the preceding example, encodeURI is used for transcoding as follows:

Var str1 = encodeURI ("http://www.baidu.com/s? Wd = China & rsv_spt = 1 & issp = 1 & rsv_bp = 0 & ie = UTF-8 & tn = baiduhome_pg & inputT = 2526 "); window. location. href = str1;

The transcoded content is as follows:

http://www.baidu.com/s?wd=%E4%B8%AD%E5%9B%BD&rsv_spt=1&issp=1&rsv_bp=0&ie=utf-8&tn=baiduhome_pg&inputT=2526

      

2. encodeURIComponet: This method does not encode ASCII letters and numbers or these ASCII punctuation marks :-_.! ~ *'(). Other characters (including :;/? : @ & =+ $, # The punctuation marks used to separate URI components) are transcoded.

In the preceding example, encodeURIComponet is used for transcoding as follows:

Var str1 = "http://www.baidu.com/s? Wd = "+ encodeURIComponent (" China ") +" & rsv_spt = 1 & issp = 1 & rsv_bp = 0 & ie = UTF-8 & tn = baiduhome_pg & inputT = 2526 "; window. location. href = str1;

The converted content is as follows:

http://www.baidu.com/s?wd=%E4%B8%AD%E5%9B%BD&rsv_spt=1&issp=1&rsv_bp=0&ie=utf-8&tn=baiduhome_pg&inputT=2526

If encodeURIComponet is used for overall transcoding. As the & and other characters are also converted, the browser cannot parse the jump and fail.

Var str1 = encodeURIComponent ("http://www.baidu.com/s? Wd = China & rsv_spt = 1 & issp = 1 & rsv_bp = 0 & ie = UTF-8 & tn = baiduhome_pg & inputT = 2526 "); window. location. href = str1;
http%3A%2F%2Fwww.baidu.com%2Fs%3Fwd%3D%E4%B8%AD%E5%9B%BD%26rsv_spt%3D1%26issp%3D1%26rsv_bp%3D0%26ie%3Dutf-8%26tn%3Dbaiduhome_pg%26inputT%3D2526

 

Conclusion: (1) The purpose of encodeURI isOverall Encoding(2) encodeURIComponent also converts some key uri characters (such as: &), so it is applicable to parameter passing.


Why should we use encodeURIComponent first?

Ensure Data Transmission Accuracy and prevent cross-site attacks caused by Url Injection
If you do not do this, if the mUserType value is maliciously modified to: 3 & id = 12 & name = 123 #
Your program will be injected, which may cause security problems.
If you call this method, the above mUserType will be encoded into another Unicode encoding format to avoid this attack.

Why does encodeURI/encodeURIComponent () need to be called twice for transcoding?

Instance
In this example, we use encodeURI () to encode the URI:
<Script type = "text/javascript">

Document. write (encodeURI ("www.w3school.com.cn") + "<br/> ")
Document. write (encodeURI ("www.w3school.com.cn/My first /"))
Document. write (encodeURI (",/? : @ & = + $ #"))

</Script>
Output:
Www.w3school.com.cn
Www.w3school.com.cn/My%20first/
,/? : @ & =+ $ #

I have not seen it twice.
Reference: www.w3school.com.cn/js/jsref_encodeuri.asp

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.