How "JavaScript" handles some symbols before committing Ajax using the Get method

Some projects use a GET method to submit Ajax, and the background then decodes the value passed by the value of the Get method. For example, in the URL to submit Ajax/xx?param1=xx&param=2 ...

This is not good, in general, is to use the Post method to submit. Post method submission Ajax in the "Servlet" in the Servlet3.0 using Json+ajax database query data to the foreground display, no additional JSON parsing package (click Open link) and "Struts2" Using jquery to implement STRUTS2 's AJAX functionality (click to open Link) has been mentioned, not to mention here, but, in the face of a large pile of predecessors in the project, or their favorite get way Ajax, you should pass the past parameters to deal with. Otherwise, if the user writes in the input box ~ ' [email protected]#$%^&* () _+-={}| []\: ' <>?; ',./wait for these weird English symbols, it's possible to truncate the URL of the submission and let your Web project crash.

After you get the user to fill out the form, it should be handled well ~ ' [email protected]#$%^&* () _+-={}| []\: ' <>?; ',./these weird English symbols. Character escaping is a very serious problem in web development. The previous input box is less, this problem is not serious, now the input box, the user in the network above the interaction, the problem becomes more and more serious.

You can not just like the "JavaScript" some characters do not escape to cause the Web page crashes with the display method involving the escape character (click to open the link) the same way, the ~ ' [email protected]#$%^&* () _+-={}| []\: ' <>?; ',./These weird English symbols are written in & amp; & LT, such as the escape character, so,& more, the submitted URL is still truncated. Therefore, you should not use the Get method to submit Ajax, but you can consider to change these symbols to the perfect corner.

The following is a method that only the symbol does not include English, half-width to full angle:

/* * Escapeajaxstring () is a call to the submitted text before the Ajax commit with the GET method * prevents the [e-mail protected]#$%^&* () symbol from causing the Ajax address of the Get method to break */function Escapeajaxstring (txtstring) {var tmp = ""; for (var i = 0; i < txtstring.length; i++) {if (txtstring.charcodeat (i) = = +) {TMP = tmp + string.fromcharcode (12288);} if ((< Txtstring.charcodeat (i) && txtstring.charcodeat (i) < 48) | | (< Txtstring.charcodeat (i) && txtstring.charcodeat (i) < 65) | | (< Txtstring.charcodeat (i) && txtstring.charcodeat (i) < 97) | | (122 < Txtstring.charcodeat (i) && txtstring.charcodeat (i) < 127)) {TMP = tmp + string.fromcharcode (txtstring.charcodeat (i) + 65248);} else {TMP = tmp + string.fromcharcode (txtstring.charcodeat (i));}} return TMP;}

Notice the second judgment, the conditions are very many, but also only a range. Because the distribution of symbols is broken in different intervals in the ASCII code table and in the Unicode Code table.

Here is a sentence: The Unicode Code table contains the ASCII code table, the ASCII code table is a subset of the Unicode code table, the Unicode code table 0-255 is the ASCII code table all, ASCII code table 0-255, the order is still the same.

The above algorithm examines the passed string:

If a space is encountered, it is offset by 12,288 bits and becomes a space in Chinese.

If you encounter a half-width symbol, offset it by 65,248 positions and turn it into a full-width symbol.

If something else is encountered, it is not offset.

It then reconstructs a new string, which is returned.

This completes the half-width symbol, the space to the full-width conversion. When the Get method handles Ajax, it will be treated as a normal Chinese word, not because of the "[email protected]#$%^&* () _+-={}| []\: ' <>?; ',./These weird English symbols truncate the case of the submitted ActionURL!

How "JavaScript" handles some symbols before committing Ajax using the Get method