URL special character escaping and solving method

When doing page development, there are three functions, such as JavaScript escape (), encodeURIComponent (), encodeURI (), that can be used to prevent special characters from being received.

Workaround: Replace the parameters with special characters in the customer service side with some other substitution parameters, as shown below
1, + URL in the + sign for space%2b
2, space in the URL of the space can be used with the + number or code%20
3,/delimited directories and subdirectories%2f
4,? Separating the actual URLs and parameters%3f
5,% specify special characters%25
6. # means bookmark%23
7. The delimiter between the parameters specified in the & URL%26
8, = The value of the specified parameter in the URL%3d

1. Passing Parameters using Encodeurlcomponent

This is the parameter that needs to be passed

<href= "Javascript:video (0);" onclick = "Javascript:urlencode (' ${classify.name} ');" >${classify.name}</a></li>

The solution is as follows

<Script>    functionUrlEncode (sStr) {sStr=Escape (Escape (SSTR)); Location.href="http://passport.baidu.com/?logout&aid=7&u= ' +encodeuricomponent ("http://cang.baidu.com/bruce42 ") +);    }</Script>

2. When you make a URL jump, use Encodeurl as a whole

< Script >    function UrlEncode (sStr) {    location.href=encodeURI ("http://cang.baidu.com/ do/s?word= Baidu &ct=21");     } </ Script >

3.js use of the data can be used to escape (more personal) encoding function more powerful (personally think)

The escape () in JavaScript is URL-encoded in Chinese by the iso-8859-1 character set, which can be obtained directly through Request.getparameter (), but later JavaScript will escape () In the case of Unicode character set encoding, the request parameters are not directly available in the JSP and servlet, and the parameter values obtained at this time are null values.

First the Chinese characters are two times escape () encoding, if you want to pass the parameter name, the value is "Huang", the format of the URL is ... name=escape (Escape ("Huang")), so that the background to obtain the data is through the browser decoded once the parameters, So you need to write a, tool-like decoding,

Here's a concrete example
JSP code

<href= "Javascript:video (0);"                 onclick= "Javascript:urlencode (' ${classify.name} ');" >${classify.name}</a>

JS Code

function UrlEncode (sStr) {        sStr = Escape (Escape (SSTR));        location.href= "${pagecontext.request.contextpath}/classify/queryclassify?c=" +SSTR;    }

Because the parameters taken are u9ec4%u4fee%u7fa4 in such a format, there is no way to use the regular Urldecoder.decode () to decode, the following a Daniel wrote a tool class, I directly to use. The direct call to Unescape () is decoded.

 PackageCom.cn.imax.util;/*** JavaScript escape/unescape encoded Java implementation*/ Public classEscape {Private Final StaticString[] Hex = {        "XX", "he", "the", "", "", "", "", "", "", "", "", "" "," 0A "," 0B "," 0C "," 0D "," 0E "," 0F ",        "Ten", "One", "a", "" "," "," "," "", "" "," "," 1 A "," 1 B "," 1C "," 1D "," 1E "," 1F ",        "A", "" "," "", "", "", "" "," "", "" "," "," "," 2A "," 2B "," 2C "," 2D "," 2E "," 2F ",        "A", "to", "a", "" "," "," "", "" "," "", "", "" "," 3 A "," 3B "," 3C "," 3D "," 3E "," 3F ",        "A", "a", "a", "" "," "", "", "", "", "", "", "", "4 A", "4 B", "4C", "4D", "4E", "4F",        "WU", "Wuyi", "si", "si", "WU", "" "," "", "" "," "", "" "," "5A", "5B", "5C", "5D", "5E", "5F",        "", "" "," "" "," "", "", "" "," "", "" "," "", "" "," "", "" 6A "," 6B "," 6C "," 6D "," 6E "," 6F ",        "", "" "," "", "" "," "", "" "," "," "," "", "" "," "", "" "," 7A "," 7B "," 7C "," 7D "," 7E "," 7F ",        "A", "Bayi", "the" "", "" "," "", "", "", "" "," "", "", "", "" "," 8A "," 8B "," 8C "," 8D "," 8E "," 8F ",        "All", "94", "the" "The", "" "," "", "" "," "", "" "," "", "98", "the", "9A", "9B", "9C", "9D", "9E", "9F",        "A0", "A1", "A2", "A3", "A4", "A5", "A6", "A7", "A8", "A9", "AA", "AB", "AC", "AD", "AE", "AF",        "B0", "B1", "B2", "B3", "B4", "B5", "B6", "B7", "B8", "B9", "BA", "BB", "BC", "BD", "Be", "BF",        "C0", "C1", "C2", "C3", "C4", "C5", "C6", "C7", "C8", "C9", "CA", "CB", "CC", "CD", "CE", "CF",        "D0", "D1", "D2", "D3", "D4", "D5", "D6", "D7", "D8", "D9", "DA", "DB", "DC", "DD", "DE", "DF",        "E0", "E1", "E2", "E3", "E4", "E5", "E6", "E7", "E8", "E9", "EA", "EB", "EC", "ED", "EE", "EF",        "F0", "F1", "F2", "F3", "F4", "F5", "F6", "F7", "F8", "F9", "FA", "FB", "FC", "FD", "FE", "FF"    }; Private Final Static byte[] val = {        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,        0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f,0x3f    };  Public Staticstring Escape (String s) {StringBuffer sbuf=NewStringBuffer (); intLen =s.length ();  for(inti = 0; i < Len; i++) {            intCH =S.charat (i); if(ch = = ") {//space:map to ' + 'Sbuf.append (' + ')); } Else if(' A ' <= ch && ch <= ' Z ') {//' A ' ... ' Z ': as it wasSbuf.append ((Char) ch); } Else if(' A ' <= ch && ch <= ' z ') {//' a ' ... ' Z ': as it wasSbuf.append ((Char) ch); } Else if(' 0 ' <= ch && ch <= ' 9 ') {//' 0 ' ... ' 9 ': as it wasSbuf.append ((Char) ch); } Else if(ch = = '-' | | ch = = ' _ ')//Unreserved:as It was|| ch = = '. ' | |                CH = = '! ' || ch = = ' ~ ' | | CH = = ' * ' | | ch = = '/' | | ch = = ' (' | | ch = = ') ') {sbuf.append (Char) ch); } Else if(Ch <= 0x007F) {//Other ascii:map to%XXSbuf.append ('% ');            Sbuf.append (Hex[ch]); } Else{//Unicode:map to%uxxxxSbuf.append ('% '); Sbuf.append (' U '); Sbuf.append (hex[(ch>>> 8)]); Sbuf.append (hex[(0x00FF &ch)]); }       }        returnsbuf.tostring (); }     Public Staticstring unescape (string s) {StringBuffer sbuf=NewStringBuffer (); inti = 0; intLen =s.length ();  while(I <Len) {            intCH =S.charat (i); if(ch = = ' + ') {//+: Map to 'Sbuf.append (' '); } Else if(' A ' <= ch && ch <= ' Z ') {//' A ' ... ' Z ': as it wasSbuf.append ((Char) ch); } Else if(' A ' <= ch && ch <= ' z ') {//' a ' ... ' Z ': as it wasSbuf.append ((Char) ch); } Else if(' 0 ' <= ch && ch <= ' 9 ') {//' 0 ' ... ' 9 ': as it wasSbuf.append ((Char) ch); } Else if(ch = = '-' | | ch = = ' _ ')//Unreserved:as It was|| ch = = '. ' | |                CH = = '! ' || ch = = ' ~ ' | | CH = = ' * ' | | ch = = '/' | | ch = = ' (' | | ch = = ') ') {sbuf.append (Char) ch); } Else if(ch = = '% ') {                intCInt = 0; if(' u '! = S.charat (i+1)) {//%xx:map to ASCII (XX)CInt = (CInt << 4) | Val[s.charat (i+1)]; CInt= (CInt << 4) | Val[s.charat (i+2)]; I+=2; } Else{//%uxxxx:map to Unicode (XXXX)CInt = (CInt << 4) | Val[s.charat (i+2)]; CInt= (CInt << 4) | Val[s.charat (i+3)]; CInt= (CInt << 4) | Val[s.charat (i+4)]; CInt= (CInt << 4) | Val[s.charat (i+5)]; I+=5; } sbuf.append ((Char) CInt); } I++; }        returnsbuf.tostring (); }     Public Static voidMain (string[] args) {//String stest = "Database"; //System.out.println (stest); //System.out.println (Escape (stest)); //System.out.println (Unescape (Escape (Stest)));    }}

Note: The + character does not seem to be compiled (maybe I'm not enough) so when I receive the parameters, I come out.

   c = C.replaceall ("", "%2b");     = Escape.unescape (c);

So the decoding is successful.

URL special character escaping and solving method