decodeURIComponent vs unescape，unescape有什么问题？ [英] decodeURIComponent vs unescape, what is wrong with unescape?

问题描述

在回答另一个问题时，我发现我的Javascript / DOM知识已经变得有点过时了，因为我仍在使用 escape / unescape 对URL组件的内容进行编码，而我现在应该使用 encodeURIComponent / decodeURIComponent 而不是

In answering another question I became aware that my Javascript/DOM knowledge had become a bit out of date in that I am still using escape/unescape to encode the contents of URL components whereas it appears I should now be using encodeURIComponent/decodeURIComponent instead.

我想知道的是什么是 escape / unescape ？有一些模糊的建议，关于Unicode字符有一些问题，但我找不到任何明确的解释。

What I want to know is what is wrong with escape/unescape ? There are some vague suggestions that there is some sort of problem around Unicode characters, but I can't find any definite explanation.

我的网络体验相当偏见，几乎所有它已经写了大型Intranet应用程序绑定到Internet Explorer。这涉及到许多使用 escape / unescape ，并且涉及的应用程序已经完全支持Unicode多年。

My web experience is fairly biased, almost all of it has been writing big Intranet apps tied to Internet Explorer. That has involved a lot of use of escape/unescape and the apps involved have fully supported Unicode for many years now.

那么什么是Unicode $问题， escape / unescape

So what are the Unicode problems that escape/unescape are supposed to have ? Does anyone have any test cases to demonstrate the problems ?

推荐答案

我想知道的是什么错误的是逃避/ unescape？

What I want to know is what is wrong with escape/unescape ?

他们不是错误，所以他们只是他们自己的特殊字符串格式看起来有点像URI参数编码，但实际上不是。特别是：

They're not "wrong" as such, they're just their own special string format which looks a bit like URI-parameter-encoding but actually isn't. In particular:

• '+'表示加号，而不是空格


• 有一个特殊的％ uNNNN格式用于编码Unicode UTF-16代码点，而不是编码UTF-8字节

所以如果你使用escape（）创建URI参数值，您将获得包含加号或任何非ASCII字符的字符串的错误结果。

So if you use escape() to create URI parameter values you will get the wrong results for strings containing a plus, or any non-ASCII characters.

escape（）可用作内部JavaScript唯一编码方案，例如转义cookie值。然而，现在所有的浏览器都支持encodeURIComponent（这不是最初的），所以没有理由使用转义。

escape() could be used as an internal JavaScript-only encoding scheme, for example to escape cookie values. However now that all browsers support encodeURIComponent (which wasn't originally the case), there's no reason to use escape in preference to that.

只有一个现代用途我知道的逃脱/解开，这是通过利用URIComponent处理中的UTF-8处理来实现UTF-8编码器/解码器的一种快速方法：

There is only one modern use for escape/unescape that I know of, and that's as a quick way to implement a UTF-8 encoder/decoder, by leveraging the UTF-8 processing in URIComponent handling:

utf8bytes= unescape(encodeURIComponent(unicodecharacters));
unicodecharacters= decodeURIComponent(escape(utf8bytes));

这篇关于decodeURIComponent vs unescape，unescape有什么问题？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！