CodeIgniter URI中的百分比符号 [英] Percent Symbol in CodeIgniter URI
问题描述
我需要将编码字符串传递给CodeIgniter控制器。
示例:
$ b b
DOSOMETHING / Coldplay / Fix + You / 273 / X +%26 + Y /
$ b b
我的问题是一个不允许的字符的百分比符号。我已尝试更改配置文件与以下:
$ config ['permitted_uri_chars'] ='az 0-9 〜%。:_ \-\ + \%';
+ code>%无效。你能帮我改变这个reg,所以它会允许%符号?提前感谢!
将 - 放在字符串的末尾,否则获取解释为范围。
$ config ['permitted_uri_chars'] ='az 0- 9〜%。:_ + - ;
再次。这是为什么你得到您提交的URI不允许的字符。
strong>:向允许的字符列表中添加& 。
$ config ['permitted_uri_chars' ] ='az 0-9〜%。:_ +& - ';
详细解释 / p>
有两件事物在一起。
A) CodeIgniter检查所有URI 细分标记不允许的字符。这是通过将允许的字符列入白名单。可以在 $ config ['permitted_uri_chars'] 变量中的 system / application / config / config.php 默认值设置为'a-z 0-9〜%。:_-'。因此,允许从a到z,空格,所有数字和以下字符*〜%。:_-的所有字母。
az 0-9〜%。:_-
DO_SOMETHING / Coldplay / Fix + You / 273 / X + 26 + Y / //注意缺少的%
但等待加号 + 的内容?它不在允许的字符列表中!但是URI没有被抱怨?这是您的问题的关键。
B) CodeIgniter urldecodes 白名单字符检查之前的URI段,以防止有人通过简单地对URI进行urlencoding来绕过检查。因此, + 会解码为空格。此行为是因为 urlencode (将空格编码为 + 号,偏离从 RFC 1738 )。这就解释了为什么允许 + 号。
这两个组合也解释了为什么这个特定的URI不起作用。
urldecode(DO_SOMETHING / Coldplay / Fix + You / 273 / X +%26 + Y /)//计算为
// DO_SOMETHING / Coldplay / Fix You / 273 / X& Y /
糟糕... urldecoding将%26 strong>&
这不是允许的字符。 Mistery ;-)解决了
I need to pass an encoded string to a CodeIgniter controller.
Example:
DOSOMETHING/Coldplay/Fix+You/273/X+%26+Y/
My problem is the percent symbol that is a disallowed character. I've tried to change the config file with the following:
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-\+\%';
The + is ok, but the % is not valid. Can you help me to change this reg exp so it will allow the % symbol? Thanks in advance!
Put the "-" at the end of the string otherwise it gets interpreted as range. The % is already in the allowed character list as you can see.
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_+-';
Ahem... after looking at your sample string again. Here is why you get "The URI you submitted has disallowed characters".
Short explanation: Add the ampersand & to the allowed characters list
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_+&-';
Long explanation
There are 2 things playing together.
A) CodeIgniter checks all URI segments for disallowed characters. This happens by whitelisting allowed characters. Which ones are allowed can be checked in /system/application/config/config.php in the $config['permitted_uri_chars'] variable. The default value is set to something like 'a-z 0-9~%.:_-'. Thus all letters from a to z, space, all numbers and the following characters *~%.:_- are allowed.
Ok let us compare that to your sample URI which you say works
a-z 0-9~%.:_-
DO_SOMETHING/Coldplay/Fix+You/273/X+26+Y/ //note the missing %
All characters are ok... but wait what about the plus sign +? It's not in the list of allowed characters! And yet the URI is not complained about? This is the key to your problem.
B) CodeIgniter urldecodes the URI segments prior to the whitelist-character-check to prevent that someone circumvents the check by simply urlencoding the URI. Thus the + gets decoded to a space. This behaviour is because of urlencode (which encodes spaces as + sign, deviating from RFC 1738). That explains why the + sign is allowed.
These two things combined explain also why this specific URI doesn't work.
urldecode(DO_SOMETHING/Coldplay/Fix+You/273/X+%26+Y/) //evaluates to
//DO_SOMETHING/Coldplay/Fix You/273/X & Y/
Whoops... the urldecoding translates %26 to an &
Which isn't an allowed character. Mistery ;-) solved
这篇关于CodeIgniter URI中的百分比符号的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
