No longer afraid of URI encoding: JavaScript and C # URI coding

Transferred from: http://www.cnblogs.com/artwl/archive/2012/03/07/2382848.html

Confusing URI encoding

There are three ways to encode in javascript: Escape, encodeURI, encodeURIComponent

The main methods of encoding in C #: Httputility.urlencode, Server.URLEncode, uri.escapeuristring, uri.escapedatastring

JavaScript in the good, only provides three, C # in the main use of so many, have not listed other coding (HTML), a lot of do not understand, do not understand the heart of fear, the heart of fear becomes bitter force, this article explained in detail in JavaScript and C # How to encode URIs (note: No other encodings are involved in this article).

Escape: Not recommended

Cause: Eacape is a method in the BOM that encodes only the ASCII symbols correctly, while the encodeURI, encodeuricomponent can encode all Unicode symbols. ECMAScript v3 against using this method, the application uses decodeURI () and decodeuricomponent () to replace it.

Escape does not encode characters with 69:*,+,-,.,/,@,_,0-9,a-z,a-z

encodeURI: Used to encode URLs (without parameters)

encodeURI does not encode 82 characters:!,#,$,&, ', (,), *,+,,,-,.,/,:,;,=,?,@,_,~,0-9,a-z,a-z

encodeURI is designed for this. encodeURI does not encode special characters in the URI, such as a colon (:), slash (/). Let's look at an example:

encodeURI ("http://www.cnblogs.com/a file with spaces.html")
Outputs http://www.cnblogs.com/a%20file%20with%20spaces.html

You can see that only the space is replaced by 20%, so this method can be used to encode the URL.

Because the encodeURI does not encode a colon (:), slash (/), if the parameter (such as the URL as a parameter) contains a colon (:), slash (/), it resolves an error, so this method cannot encode the parameter.

encodeURIComponent: Used to encode URL parameters

encodeURIComponent does not encode 71 characters:!, ', (,), *,-,.,_,~,0-9,a-z,a-z

You can see that this method encodes:/Both, so it cannot be used to encode URLs. Because of this method, the Chinese, the space, the pound sign (#), the slash (/), the colon (:) are encoded, so it is appropriate to encode the parameters in the URI. Look at the following example:

var param= "blog Park";
var url= "http://www.cnblogs.com/?key=" +encodeuricomponent (param) + "&page=1";
Console.log (URL);//outputs http://www.cnblogs.com/?key=%E5%8D%9A%E5%AE%A2%E5%9B%AD&page=1

As you can see, this is exactly what we want (here we encode only the parameters that need to be encoded (page=1 does not need to be encoded).

Server.URLEncode && Httputility.urlencode: not recommended

Put these two together because the two methods are the same in most cases. The difference is that Httputility.urlencode is encoded using the UTF8 format by default, and Server.URLEncode is encoded using the System preset format, Server.URLEncode using the preset encoding as a parameter call Httputility.urlencode Code, so if the system is encoded in UTF8 format globally, the two methods are the same.

How the two methods are encoded, let's look at an example:

String url1 = "http://www.cnblogs.com/a file with spaces.html?a=1&b= Blog Park #abc";
Response.Write (Httputility.urlencode (URL1));

Output
Http%3a%2f%2fwww.cnblogs.com%2fa+file+with+spaces.html%3fa%3d1%26b%3d%e5%8d%9a%e5%ae%a2%e5%9b%ad%23abc

As we can see from the above example, Httputility.urlencode encodes a colon (:) and slash (/), so it cannot be used to encode URLs.

So can the parameters be encoded, the answer is also negative. These two methods are not recommended for encoding URIs because they should be encoded as%20 instead of being httputility.urlencode encoded as a plus sign (+).

Uri.escapeuristring: Used to encode URLs (without parameters)

We still use the example to speak:

String url1 = "http://www.cnblogs.com/a file with spaces.html?a=1&b= Blog Park #abc";
Response.Write (Uri.escapeuristring (URL1));
Outputs
Http://www.cnblogs.com/a%20file%20with%20spaces.html?a=1&b=%E5%8D%9A%E5%AE%A2%E5%9B%AD#abc

As you can see, uri.escapeuristring encodes the spaces and encodes the Chinese, but the colon (:), slash (/), and pound (#) is not encoded, so this method can be used to encode the URL, but the parameter cannot be encoded. Functions like the encodeURI method in JavaScript.

Uri.escapedatastring: Used to encode URL parameters

Still use examples to speak:

String url1 = "http://www.cnblogs.com/a file with spaces.html?a=1&b= Blog Park #abc";
Response.Write (Uri.escapedatastring (URL1));
Outputs
Http%3a%2f%2fwww.cnblogs.com%2fa%20file%20with%20spaces.html%3fa%3d1%26b%3d%e5%8d%9a%e5%ae%a2%e5%9b%ad%23abc

As you can see, uri.escapedatastring encodes a colon (:), slash (/), space, Chinese, pound sign (#), so this method cannot be used for URL encoding, but can be used to encode parameters. Functions like the encodeURIComponent method in JavaScript.

Summary

　　The recommended practice in JavaScript is to encode the URL portion of the URI with encodeURI, using encodeURIComponent to encode the parameters passed in the URI.

The recommended practice in C # is to encode the URL portion of the URI with uri.escapeuristring, and use uri.escapedatastring to encode the parameters passed in the URI.

The decoding part is not said, and the coding method corresponds.

No longer afraid of URI encoding: JavaScript and C # URI coding