应该使用哪个EncodeFor进行定位? [英] Which EncodeFor should be used for location?
问题描述
应该使用哪个EncodeFor
location()
?
如果我想通过位置推送一些数据,它应该是什么样?
If I want to push some data via location, what should it look like?
location("obtainBDK.cfm?message=#ErrorMessage#", false); // nothing
OR
location("obtainBDK.cfm?message=#EncodeForHTMLAttribute(ErrorMessage)#", false);
OR
location("obtainBDK.cfm?message=#EncodeForURL(ErrorMessage)#", false);
或
还有什么?
推荐答案
cflocation
/location
设置Location
HTTP标头.浏览器读取此值,并通过HTTP GET请求提及的资源.所述URI应该被编码.
cflocation
/location
sets the Location
HTTP header. The browser reads this value and requests the mentioned resource via HTTP GET. Said URI should be encoded.
现在唯一需要编码的URI部分是查询字符串,该字符串以问号?
开头.每个键值对均由编码键,等号=
和编码值组成.多对用&符号定界.
Now the only URI part that requires encoding is the query string, which starts with a question mark ?
. Each key-value-pair consist of the encoded key, an equal-sign =
and the encoded value. Multiple pairs are delimited by an ampersand &
.
根据 RFC 1738 :
因此,只有字母数字,特殊字符"$ -_.+!*'()"以及用于保留目的的保留字符可以在URL中未经编码地使用.
Thus, only alphanumerics, the special characters "$-_.+!*'(),", and reserved characters used for their reserved purposes may be used unencoded within a URL.
保留字符示例
未编码的URI:
http://example.org/path?&=&&===&?
Reserved Characters Example
Unencoded URI:
http://example.org/path?&=&&===&?
预期的键值对:
- "&": "&"
- "=": "="
- "?": ""
但是,正确的解析器只能看到空键和空值.我们需要对键和值进行编码,以免将其用于技术目的.
However, a proper parser would only see empty keys and values. We need to encode keys and values so they are not treated for their technical purpose.
编码的URI:
http://example.org/path?%26=%26&%3D=%3D&%3F&%20=%20!
现在,根据 RFC 3986 并且不能被解析器弄错.
Now all characters in key and value are percent-encoded according to RFC 3986 and cannot be mistaken by the parser.
kvps = [];
key = "message";
val = ErrorMessage;
kvps.append(
urlEncodedFormat(key) & "=" & urlEncodedFormat(val)
);
targetUrl = "btainBDK.cfm?" & arrayToList(kvps, "&");
location(targetUrl, false);
urlEncodedFormat与encodeForUrl
-
urlEncodedFormat
将空格编码为%20
(百分比编码) -
encodeForUrl
将空格编码为+
(urlEncodedFormat vs. encodeForUrl
urlEncodedFormat
encodes a space as%20
(percent-encoded)encodeForUrl
encodes a space as+
(application/x-www-form-urlencoded)
尽管...
Adobe建议您使用EncodeForURL函数,而不是URLEncodedFormat函数,以转义字符串中的特殊字符以在所有新应用程序的URL中使用.
我遇到的问题是,不能正确地区分
+
是空格还是实际加号,尤其是在上下文更改时(CF<-> JS).因此,不管Adobe对此有何看法,我都会推荐urlEncodedFormat
.I encountered issues where
+
could not be properly distinguished between being a space or an actual plus sign, especially when the context changes (CF <-> JS). So I would recommendurlEncodedFormat
regardless of Adobe's opinion about it.这篇关于应该使用哪个EncodeFor进行定位?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!