url特殊字符转义及解决方法(附有例子)

最新推荐文章于 2024-08-18 21:03:53 发布
最新推荐文章于 2024-08-18 21:03:53 发布
阅读量9.2k 收藏 5
点赞数 4
分类专栏: java 文章标签: url js 转义 后台代码
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_39704682/article/details/90897986
版权

做页面开发的时候有时候,会使用Javascript的escape(),encodeURIComponent(),encodeURI ()这三个函数进行URL编码,防止特殊字符接收不到。

解决方法:就是把客服端中带有特殊字符的参数替换成另一些代替的参数,如下所示
1、+ URL 中+号表示空格 %2B
2、空格 URL中的空格可以用+号或者编码 %20
3、 / 分隔目录和子目录 %2F
4、 ? 分隔实际的 URL 和参数 %3F
5、 % 指定特殊字符 %25
6、# 表示书签 %23
7、 & URL 中指定的参数间的分隔符 %26
8、 = URL 中指定参数的值 %3D

1.使用encodeURLComponent传递参数

这是所需要传递的参数

<a href="javascript:video(0);"onclick="javascript:URLencode('${classify.name }');">${classify.name }</a></li>

解决方式如下

<script>
    function URLencode(sStr) {
        sStr = escape(escape(sStr));
        location.href="http://passport.baidu.com/?logout&aid=7&u='+encodeURIComponent("http://cang.baidu.com/bruce42")+);
    }
</script>

2. 进行URL跳转的时候整体使用encodeURL

<script>
    function URLencode(sStr) {
    Location.href=encodeURI("http://cang.baidu.com/do/s?word=百度&ct=21"); 
    }
</script>

3.js使用数据时可以用escape(个人用的比较多)编码功能比较强大(个人觉得)

Javascript中的escape()是将中文按ISO-8859-1字符集进行URL编码的,那样通request.getParameter()是能直接获取到请求参数的,但后来的Javascript将escape()换成了Unicode字符集编码,如此一来,在JSP和Servlet中就没法直接拿到请求参数了,而且此时的request获得的参数值都是空值。

首先对中文字符进行两次escape()编码,如要传参数name,值为“王尼玛”,则url的格式为….name=escape(escape(“王尼玛”)),这样后台获取的数据就是经过就是经过浏览器解码一次后的参数,所以需要自己写一个,工具类解码。
下面举个栗子:
jsp代码

<a href="javascript:video(0);"
                onclick="javascript:URLencode('${classify.name }');">${classify.name }</a>

js代码

function URLencode(sStr) {
        sStr = escape(escape(sStr));
        location.href="${pageContext.request.contextPath }/classify/queryClassify?c="+sStr;
    }

由于取到的参数是经过u9EC4%u4FEE%u7FA4这样格式的,没办法用常规的URLDecoder.decode()来进行解码,下面一个大牛写的一个工具类,我直接拿来使用了。直接调用unescape()就可以解码了。

package com.cn.imax.util;

/**
 * JavaScript escape/unescape 编码的 Java 实现
 */
public class Escape {
    private final static String[] hex = {
        "00","01","02","03","04","05","06","07","08","09","0A","0B","0C","0D","0E","0F",
        "10","11","12","13","14","15","16","17","18","19","1A","1B","1C","1D","1E","1F",
        "20","21","22","23","24","25","26","27","28","29","2A","2B","2C","2D","2E","2F",
        "30","31","32","33","34","35","36","37","38","39","3A","3B","3C","3D","3E","3F",
        "40","41","42","43","44","45","46","47","48","49","4A","4B","4C","4D","4E","4F",
        "50","51","52","53","54","55","56","57","58","59","5A","5B","5C","5D","5E","5F",
        "60","61","62","63","64","65","66","67","68","69","6A","6B","6C","6D","6E","6F",
        "70","71","72","73","74","75","76","77","78","79","7A","7B","7C","7D","7E","7F",
        "80","81","82","83","84","85","86","87","88","89","8A","8B","8C","8D","8E","8F",
        "90","91","92","93","94","95","96","97","98","99","9A","9B","9C","9D","9E","9F",
        "A0","A1","A2","A3","A4","A5","A6","A7","A8","A9","AA","AB","AC","AD","AE","AF",
        "B0","B1","B2","B3","B4","B5","B6","B7","B8","B9","BA","BB","BC","BD","BE","BF",
        "C0","C1","C2","C3","C4","C5","C6","C7","C8","C9","CA","CB","CC","CD","CE","CF",
        "D0","D1","D2","D3","D4","D5","D6","D7","D8","D9","DA","DB","DC","DD","DE","DF",
        "E0","E1","E2","E3","E4","E5","E6","E7","E8","E9","EA","EB","EC","ED","EE","EF",
        "F0","F1","F2","F3","F4","F5","F6","F7","F8","F9","FA","FB","FC","FD","FE","FF"
    };
    private final static byte[] val = {
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F
    };
    public static String escape(String s) {
        StringBuffer sbuf = new StringBuffer();
        int len = s.length();
        for (int i = 0; i < len; i++) {
            int ch = s.charAt(i);
            if (ch == ' ') {                        // space : map to '+' 
                sbuf.append('+');
            } else if ('A' <= ch && ch <= 'Z') {    // 'A'..'Z' : as it was
                sbuf.append((char)ch);
            } else if ('a' <= ch && ch <= 'z') {    // 'a'..'z' : as it was
                sbuf.append((char)ch);
            } else if ('0' <= ch && ch <= '9') {    // '0'..'9' : as it was
                sbuf.append((char)ch);
            } else if (ch == '-' || ch == '_'       // unreserved : as it was
                || ch == '.' || ch == '!'
                || ch == '~' || ch == '*'
                || ch == '/' || ch == '('
                || ch == ')') {
                sbuf.append((char)ch);
            } else if (ch <= 0x007F) {              // other ASCII : map to %XX
                sbuf.append('%');
                sbuf.append(hex[ch]);
            } else {                                // unicode : map to %uXXXX
                sbuf.append('%');
                sbuf.append('u');
                sbuf.append(hex[(ch >>> 8)]);
                sbuf.append(hex[(0x00FF & ch)]);
            }
       }
        return sbuf.toString();
    }
    public static String unescape(String s) {
        StringBuffer sbuf = new StringBuffer();
        int i = 0;
        int len = s.length();
        while (i < len) {
            int ch = s.charAt(i);
            if (ch == '+') {                        // + : map to ' ' 
                sbuf.append(' ');
            } else if ('A' <= ch && ch <= 'Z') {    // 'A'..'Z' : as it was
                sbuf.append((char)ch);
            } else if ('a' <= ch && ch <= 'z') {    // 'a'..'z' : as it was
                sbuf.append((char)ch);
            } else if ('0' <= ch && ch <= '9') {    // '0'..'9' : as it was
                sbuf.append((char)ch);
            } else if (ch == '-' || ch == '_'       // unreserved : as it was
                || ch == '.' || ch == '!'
                || ch == '~' || ch == '*'
                || ch == '/' || ch == '('
                || ch == ')') {
                sbuf.append((char)ch);
            } else if (ch == '%') {
                int cint = 0;
                if ('u' != s.charAt(i+1)) {         // %XX : map to ascii(XX)
                    cint = (cint << 4) | val[s.charAt(i+1)];
                    cint = (cint << 4) | val[s.charAt(i+2)];
                    i+=2;
                } else {                            // %uXXXX : map to unicode(XXXX)
                    cint = (cint << 4) | val[s.charAt(i+2)];
                    cint = (cint << 4) | val[s.charAt(i+3)];
                    cint = (cint << 4) | val[s.charAt(i+4)];
                    cint = (cint << 4) | val[s.charAt(i+5)];
                    i+=5;
                }
                sbuf.append((char)cint);
            }
            i++;
        }
        return sbuf.toString();
    }
    public static void main(String[] args) {
     //   String stest = "数据库";
      //  System.out.println(stest);
       // System.out.println(escape(stest));
       //  System.out.println(unescape(escape(stest)));
    }
}

注意:+字符好像没有被编译(可能我水平不够吧)所以接收参数的时候这样出来一下

    c = c.replaceAll(" ", "%2B");
    c = Escape.unescape(c);

这样就解码成功了!

悠悠做神仙
关注
专栏目录
windows7下启动mysql服务出现服务名无效的原因及解决方法
01-19
问题原因:mysql服务没有安装。 解决办法: 在 mysql bin目录下 以管理员的权限 执行 ... 您可能感兴趣的文章:windows下MySQL5.6版本安装及配置过程附有截图和详细说明windows下apache+php+mysql 环境配置方法MySQL
网址URL特殊字符转义编码
01-18 2万+
网址URL特殊字符转义编码 字符 - URL编码值 空格 - %20 " - %22 # - %23 % - %25 & - %26 ( - %28 ) - %29 + - %2B , - %2C / - %2F : - %3A ; ...
URL中的转义字符
小小代码狩猎者
03-07 6405
2.encodeURIComponent()把字符串作为 URI 组件的一部分(如path/query/fragment等)进行编码,所以用于分隔 URI 各个部分的特殊分隔符号(;1.encodeURI()把字符串作为 URI整体进行编码,所以URI组件中的特殊分隔符号(;,%,#,&,=等特殊字符串符号时,因为上述字符有特殊含义,导致服务器端无法正确解析参数,如何处理?编码的格式为:%加字符的ASCII码(16进制),例如空格的编码值是"%20"。输出你好javascript。HTML中的转义字符。
Base64 编码解码与 URL/Query 转义
最新发布
qq_45831414的博客
08-18 622
通过上述方法,您可以有效地处理 Base64 编码在 URL 和查询字符串中的转义问题。希望这篇笔记能帮助您避免常见的错误并提高代码的健壮性。
URL转义
热门推荐
学而不思则罔 思而不学则殆
12-09 8万+
URL中的字符只能是ASCII字符,但是ASCII字符比较少,而URL则常常包含ASCII字符集以外的字符,如非英语字符、汉字、特殊符号等等,所以要对URL进行转换。这个过程就叫做URL编码,或者叫URL转义,实质上就是将包含非ASCII字符的URL转换为有效的ASCII字符格式。 在进行URL编码时,每一个非ASCII字符都被替换为“%hh”格式,其中hh为两位十六进制数,它对应于该字符在IS
http中url特殊字符转义解决方法
qq_40453972的博客
03-02 1万+
http中url特殊字符转义解决方法
关于URL中带空格的问题
积累每一天
05-23 2万+
前些时间做了个文件下载的应用,由于中文
url特殊字符转义解决方法
weixin_30883311的博客
09-11 761
URL特殊字符转义 1、空格换成加号(+) 2、正斜杠(/)分隔目录和子目录 3、问号(?)分隔URL和查询 4、百分号(%)制定特殊字符 5、#号指定书签 6、&号分隔参数 转义字符的原因:如果你的表单使用get方法提交,并且提交的参数中有“&”等特殊符的话,如果不做处理,在service...
字符串操作常用方法.py
03-20
关于Python字符串基础操作方法学习的详细资料(修改、查找、判断),附有代码!!!!!!!!!!!!!!
系统实际文档附有例子
07-30
此外,这些文档的例子还能帮助新入行的IT从业者了解实际工作中可能遇到的问题,以及如何解决这些问题。对于团队协作,统一的文档格式和内容规范也是至关重要的,能够减少误解,增强团队合作。因此,深入理解和应用...
文件包内附有源码及相关matlab
03-13
标题中的“文件包内附有源码及相关matlab”表明这是一个与MATLAB编程相关的资源集合,其中包含了源代码和一个关于MATLAB的介绍性PPT。这个资源可能用于教学、研究或者个人学习,旨在帮助用户理解和应用MATLAB进行...
MySql函数-取一个字符串分隔后指定位置的子字符串
11-11
一、函数功能:对字符串进行分隔数组,取指定顺序位置的子字符串,支持左右双向获取,支持默认值返回,附有测试用例 二、函数格式:fn_get_split_val(in_str varchar,in_delimiter varchar,in_order int,in_default ...
URL中文转义特殊字符处理
MayerF的专栏
11-10 2万+
一、URLURL编码 URL(统一资源定位器)是网页的地址。 URL编码:浏览器用来打包表单输入的格式。 URL特点: 1、URL只能使用ASCII字符集通过因特网传输。 2、URL不能包含空格。URL编码通常使用“+”来代替空格(个人认为还是%20更靠谱)。 URL编码特点: 1、URL编码就是用“%”后跟两位该字符所对应的十六进制数。比如?,其URL编码结果为:%3F。 2、
URL转义字符
Always577的博客
11-10 764
字符 - URL编码值。空格 - %20。
url 编码(percentcode 百分号编码)
happyqwz的专栏
07-16 1万+
http://www.imkevinyang.com/2009/08/%E8%AF%A6%E8%A7%A3javascript%E4%B8%AD%E7%9A%84url%E7%BC%96%E8%A7%A3%E7%A0%81.html 摘要 本文主要针对URI编解码的相关问题做了介绍,对Url编码中哪些字符需要编码、为什么需要编码做了详细的说明,并对比分析了Javascrip
后端返给前端xml如何防止被转义
09-08
### 回答1: 在向前端返回 XML 数据时,可以使用 HTTP 头部设置 Content-Type 为 "application/xml" 或 "text/xml",这样浏览器就能正确识别并解析 XML 格式的数据,而不会对其进行转义。在返回数据时进行编码设置 utf-8, 也是防止被转义的一种方法代码中可以使用 `response.headers["Content-Type"] = "application/xml; charset=utf-8"` 或 `response.headers["Content-Type"] = "text/xml; charset=utf-8"`来设置 HTTP 头部信息。 ### 回答2: 后端返给前端XML时,需要注意防止XML被转义的问题。可以使用以下方法来避免XML被转义: 1. 使用CDATA标签:可以将XML数据包裹在<![CDATA[ ]]>标签中,这样可以告诉解析器不对该部分进行转义,而是原样输出。 例如,将XML数据包裹在CDATA标签中: <![CDATA[<data>Hello World</data>]]> 2. 转义特殊字符:如果数据中包含了XML的特殊字符(如<、>、"、'、&等),需要将其转义为对应的实体引用。 例如,将"<"转义为"<",">"转义为">","&"转义为"&"等。 3. 使用XML声明:在返回的XML数据中添加XML声明部分(<?xml version="1.0" encoding="UTF-8"?>),指定XML的版本和编码方式。这样可以告诉解析器如何对XML进行解析,避免误解为需要转义。 例如: <?xml version="1.0" encoding="UTF-8"?> <data>Hello World</data> 综上所述,通过使用CDATA标签、转义特殊字符和添加XML声明等方法,可以有效防止后端返回的XML被前端转义。这样可以确保XML数据在前端能够正确解析和显示,避免因为转义而导致的数据错误。 ### 回答3: 在后端将 XML 数据返回给前端时,为了防止 XML 数据被转义,可以采取以下措施: 1. 使用转义字符进行转义:在生成 XML 数据时,可以使用转义字符来转义特殊字符,比如将"<"转义为"<"、">"转义为">"、"&"转义为"&"等。这样可以确保特殊字符不会被解析器误认为是 XML 标签。 2. 使用 CDATA 包裹数据:CDATA(Character Data)是一种在 XML 文件中包含文本数据的方式,CDATA 区块中的数据可以包含任意字符,包括特殊字符。把需要返回给前端的 XML 数据放置在 CDATA 区块中,可以确保文本数据不被解析器解析。 3. 设置 Content-Type 头信息:在后端返回 XML 数据时,可以通过设置 Content-Type 头信息为"application/xml"或"text/xml"来告知浏览器或前端代码,返回的数据是 XML 格式的。这样浏览器或前端代码在接收到数据时会正确地处理 XML 数据,不会误认为是普通的字符串或 HTML 数据。 4. 对特殊字符进行编码:使用 URL 编码或 Base64 编码等方式对 XML 数据中的特殊字符进行编码,这样可以确保特殊字符传输的安全性,并且在前端接收时进行解码还原。 综上所述,通过适当转义特殊字符、使用 CDATA、设置正确的 Content-Type 头信息以及对特殊字符进行编码,就可以有效地防止后端返给前端的 XML 数据被转义
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值