码迷,mamicode.com
首页 > Web开发 > 详细

url特殊字符转义及解决方法

时间:2017-02-16 14:13:29      阅读:251      评论:0      收藏:0      [点我收藏+]

标签:sans   main   replace   reserve   return   ide   jsp   跳转   0x03   

做页面开发的时候有时候,会使用JavaScript的escape(),encodeURIComponent(),encodeURI ()这三个函数进行URL编码,防止特殊字符接收不到。

解决方法:就是把客服端中带有特殊字符的参数替换成另一些代替的参数,如下所示 
1、+ URL 中+号表示空格 %2B 
2、空格 URL中的空格可以用+号或者编码 %20 
3、 / 分隔目录和子目录 %2F 
4、 ? 分隔实际的 URL 和参数 %3F 
5、 % 指定特殊字符 %25 
6、# 表示书签 %23 
7、 & URL 中指定的参数间的分隔符 %26 
8、 = URL 中指定参数的值 %3D

1.使用encodeURLComponent传递参数

这是所需要传递的参数

<a href="javascript:video(0);"onclick="javascript:URLencode(‘${classify.name }‘);">${classify.name }</a></li>

解决方式如下

<script>
    function URLencode(sStr) {
        sStr = escape(escape(sStr));
        location.href="http://passport.baidu.com/?logout&aid=7&u=‘+encodeURIComponent("http://cang.baidu.com/bruce42")+);
    }
</script>

2. 进行URL跳转的时候整体使用encodeURL

<script>
    function URLencode(sStr) {
    Location.href=encodeURI("http://cang.baidu.com/do/s?word=百度&ct=21"); 
    }
</script>

3.js使用数据时可以用escape(个人用的比较多)编码功能比较强大(个人觉得)

Javascript中的escape()是将中文按ISO-8859-1字符集进行URL编码的,那样通过 request.getParameter()是能直接获取到请求参数的,但后来的Javascript将escape()换成了Unicode字符集编 码,如此一来,在JSP和Servlet中就没法直接拿到请求参数了,而且此时的request获得的参数值都是空值,
首先对中文字符进行两次escape()编码,如要传参数name,值为“黄修群”,则url的格式为….name=escape(escape(“黄修群”)),这样后台获取的数据就是经过就是经过浏览器解码一次后的参数,所以需要自己写一个,工具类解码,

下面是具体例子 
jsp代码

<a href="javascript:video(0);"
                onclick="javascript:URLencode(‘${classify.name }‘);">${classify.name }</a>

js代码

function URLencode(sStr) {
        sStr = escape(escape(sStr));
        location.href="${pageContext.request.contextPath }/classify/queryClassify?c="+sStr;
    }

由于取到的参数是经过u9EC4%u4FEE%u7FA4这样格式的,没办法用常规的URLDecoder.decode()来进行解码,下面一个大牛写的一个工具类,我直接拿来使用了。直接调用unescape()就可以解码了。

package com.cn.imax.util;

/**
 * JavaScript escape/unescape 编码的 Java 实现
 */
public class Escape {
    private final static String[] hex = {
        "00","01","02","03","04","05","06","07","08","09","0A","0B","0C","0D","0E","0F",
        "10","11","12","13","14","15","16","17","18","19","1A","1B","1C","1D","1E","1F",
        "20","21","22","23","24","25","26","27","28","29","2A","2B","2C","2D","2E","2F",
        "30","31","32","33","34","35","36","37","38","39","3A","3B","3C","3D","3E","3F",
        "40","41","42","43","44","45","46","47","48","49","4A","4B","4C","4D","4E","4F",
        "50","51","52","53","54","55","56","57","58","59","5A","5B","5C","5D","5E","5F",
        "60","61","62","63","64","65","66","67","68","69","6A","6B","6C","6D","6E","6F",
        "70","71","72","73","74","75","76","77","78","79","7A","7B","7C","7D","7E","7F",
        "80","81","82","83","84","85","86","87","88","89","8A","8B","8C","8D","8E","8F",
        "90","91","92","93","94","95","96","97","98","99","9A","9B","9C","9D","9E","9F",
        "A0","A1","A2","A3","A4","A5","A6","A7","A8","A9","AA","AB","AC","AD","AE","AF",
        "B0","B1","B2","B3","B4","B5","B6","B7","B8","B9","BA","BB","BC","BD","BE","BF",
        "C0","C1","C2","C3","C4","C5","C6","C7","C8","C9","CA","CB","CC","CD","CE","CF",
        "D0","D1","D2","D3","D4","D5","D6","D7","D8","D9","DA","DB","DC","DD","DE","DF",
        "E0","E1","E2","E3","E4","E5","E6","E7","E8","E9","EA","EB","EC","ED","EE","EF",
        "F0","F1","F2","F3","F4","F5","F6","F7","F8","F9","FA","FB","FC","FD","FE","FF"
    };
    private final static byte[] val = {
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,
        0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F,0x3F
    };
    public static String escape(String s) {
        StringBuffer sbuf = new StringBuffer();
        int len = s.length();
        for (int i = 0; i < len; i++) {
            int ch = s.charAt(i);
            if (ch == ‘ ‘) {                        // space : map to ‘+‘ 
                sbuf.append(‘+‘);
            } else if (‘A‘ <= ch && ch <= ‘Z‘) {    // ‘A‘..‘Z‘ : as it was
                sbuf.append((char)ch);
            } else if (‘a‘ <= ch && ch <= ‘z‘) {    // ‘a‘..‘z‘ : as it was
                sbuf.append((char)ch);
            } else if (‘0‘ <= ch && ch <= ‘9‘) {    // ‘0‘..‘9‘ : as it was
                sbuf.append((char)ch);
            } else if (ch == ‘-‘ || ch == ‘_‘       // unreserved : as it was
                || ch == ‘.‘ || ch == ‘!‘
                || ch == ‘~‘ || ch == ‘*‘
                || ch == ‘/‘ || ch == ‘(‘
                || ch == ‘)‘) {
                sbuf.append((char)ch);
            } else if (ch <= 0x007F) {              // other ASCII : map to %XX
                sbuf.append(‘%‘);
                sbuf.append(hex[ch]);
            } else {                                // unicode : map to %uXXXX
                sbuf.append(‘%‘);
                sbuf.append(‘u‘);
                sbuf.append(hex[(ch >>> 8)]);
                sbuf.append(hex[(0x00FF & ch)]);
            }
       }
        return sbuf.toString();
    }
    public static String unescape(String s) {
        StringBuffer sbuf = new StringBuffer();
        int i = 0;
        int len = s.length();
        while (i < len) {
            int ch = s.charAt(i);
            if (ch == ‘+‘) {                        // + : map to ‘ ‘ 
                sbuf.append(‘ ‘);
            } else if (‘A‘ <= ch && ch <= ‘Z‘) {    // ‘A‘..‘Z‘ : as it was
                sbuf.append((char)ch);
            } else if (‘a‘ <= ch && ch <= ‘z‘) {    // ‘a‘..‘z‘ : as it was
                sbuf.append((char)ch);
            } else if (‘0‘ <= ch && ch <= ‘9‘) {    // ‘0‘..‘9‘ : as it was
                sbuf.append((char)ch);
            } else if (ch == ‘-‘ || ch == ‘_‘       // unreserved : as it was
                || ch == ‘.‘ || ch == ‘!‘
                || ch == ‘~‘ || ch == ‘*‘
                || ch == ‘/‘ || ch == ‘(‘
                || ch == ‘)‘) {
                sbuf.append((char)ch);
            } else if (ch == ‘%‘) {
                int cint = 0;
                if (‘u‘ != s.charAt(i+1)) {         // %XX : map to ascii(XX)
                    cint = (cint << 4) | val[s.charAt(i+1)];
                    cint = (cint << 4) | val[s.charAt(i+2)];
                    i+=2;
                } else {                            // %uXXXX : map to unicode(XXXX)
                    cint = (cint << 4) | val[s.charAt(i+2)];
                    cint = (cint << 4) | val[s.charAt(i+3)];
                    cint = (cint << 4) | val[s.charAt(i+4)];
                    cint = (cint << 4) | val[s.charAt(i+5)];
                    i+=5;
                }
                sbuf.append((char)cint);
            }
            i++;
        }
        return sbuf.toString();
    }
    public static void main(String[] args) {
     //   String stest = "数据库";
      //  System.out.println(stest);
       // System.out.println(escape(stest));
       //  System.out.println(unescape(escape(stest)));
    }
}

注意:+字符好像没有被编译(可能我水平不够吧)所以接收参数的时候这样出来一下

   c = c.replaceAll(" ", "%2B");
    c = Escape.unescape(c);
这样就解码成功了

url特殊字符转义及解决方法

标签:sans   main   replace   reserve   return   ide   jsp   跳转   0x03   

原文地址:http://www.cnblogs.com/zuge/p/6405015.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!