NSURL 在某些情况下返回 nil [英] NSURL returning nil for certain cases
问题描述
我正在创建一个 NSURL 以作为请求发送到我已经设置的 PHP 其余 API.下面是我的代码:
I'm creating an NSURL to send as a request to a PHP rest API that I've got setup. Here's my code below:
NSMutableString *url = [NSMutableString stringWithFormat:@"http://www.private.com/recievedata.php?item=%@&contact=%@&discovery=%@&summary=%@",__item,__contactDetails,__lostFound,__explain];
//The " ' " in PHP is a special character, so we have to escape it in the URL
//The two slashes are because the "\" itself is a special character in Objective C
NSString *formattedURL = [url stringByReplacingOccurrencesOfString:@"'" withString:@"\\'"];
NSURLSession *session = [NSURLSession sharedSession];
NSURL *address = [NSURL URLWithString:formattedURL];
但出于某种原因,每当我尝试使以下 url 发生时,地址变量都会保持 nil:
For some reason though, the address variable holds nil whenever I try to make the following url happen:
http://www.private.com/recievedata.php?item=hell\'&contact=hell&discovery=lost&summary=hell
我必须在撇号前添加\",这从我的代码中可以明显看出,因为 PHP 需要在其 URL 中对'"进行转义.但是这样做似乎违反了为 NSURL 制定的某些要求.大家怎么看?
I had to add "\" in front of the apostrophes as is evident from my code because PHP needs to have the " ' " escaped in its URLs. But by doing so, it seems like I've violated some requirement set out for NSURL. What do you guys think?
推荐答案
你说:
我必须在撇号前添加\",这从我的代码中可以明显看出,因为 PHP 需要在其 URL 中对'"进行转义.但是这样做,似乎我违反了为 NSURL 制定的一些要求.大家怎么看?
I had to add "\" in front of the apostrophes as is evident from my code because PHP needs to have the " ' " escaped in its URLs. But by doing so, it seems like I've violated some requirement set out for NSURL. What do you guys think?
是的,在您的 PHP 代码中,如果您在字符串值周围使用单引号,那么您必须对出现在字符串文字中的任何 ' 字符进行转义.
Yes, in your PHP code, if you are using single quotation marks around your string values, then you have to escape any ' characters that appear in your string literals.
但不是您应该使用 \ 字符来转义出现在您尝试的值中的 ' 字符的情况传入您的请求的 URL.(也不应该在 POST 请求的正文中这样做.)
But it is not the case that you should be using \ character to escape ' characters that appear in the values you are trying to pass in the URL of your request. (Nor should you do so in the body of a POST request.)
如果您想转义这些 ' 字符,因为您将这些值插入到 SQL 语句中,您不应该手动转义它们.相反,您应该调用 mysqli_real_escape_string或者将值显式绑定到 SQL 中的 ? 占位符.永远不要依赖客户端代码来转义这些值(因为您仍然容易受到 SQL 注入攻击).
And if you are tempted to escape these ' characters because you're inserting these values into SQL statements, you should not be manually escaping them. Instead you should call mysqli_real_escape_string or explicitly bind values to ? placeholders in your SQL. Never rely upon the client code to escape these values (because you'd still be susceptible to SQL injection attacks).
回到 URL 中保留字符的编码,这由 RFC 3986.谨慎的策略是对除未保留字符集中的字符以外的任何字符进行百分比转义.值得注意的是,如果您的值可能包含 & 或 + 字符,则百分比转义至关重要.
Getting back to the encoding of reserved characters in a URL, this is governed by RFC 3986. The prudent strategy is to percent escape any character other than those in the unreserved character set. Notably, if your values might include & or + characters, the percent escaping is critical.
因此,URL 查询值中 ' 字符的正确编码不是 \' 而是 %27.不幸的是,编码 stringByAddingPercentEscapesUsingEncoding 是 不够的,不过(因为它会让某些关键字符在值字符串中未转义).
Thus, the correct encoding of the ' character in a URL query value is not \' but rather %27. Unfortunately, encoding stringByAddingPercentEscapesUsingEncoding is not sufficient, though (as it will let certain critical characters go unescaped in the value strings).
过去,我们使用 CFURLCreateStringByAddingPercentEscapes 百分比转义值(参见 Objective-C 中的 URL 代码).在 Mac OS 10.9 和 iOS 7 中引入的 stringByAddingPercentEncodingWithAllowedCharacters 也可以工作(参见 https://stackoverflow.com/a/24888789/1271826 以说明可能的字符集).
The historically, we'd percent escape value using CFURLCreateStringByAddingPercentEscapes (see Urlencode in Objective-C). The stringByAddingPercentEncodingWithAllowedCharacters, introduced in Mac OS 10.9 and iOS 7, can work, too (see https://stackoverflow.com/a/24888789/1271826 for an illustration of the possible character sets).
这篇关于NSURL 在某些情况下返回 nil的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
