搜索中的撇号(智能引号)会抛出 Apache 400 Bad Request
我的 Web 应用程序中有一个搜索表单,当您使用撇号(智能引号,即 ' 而不是 进行搜索时,该表单会引发 Apache 400 Bad Request 错误) ')。当有人从 Microsoft Word(自动将刻度线转换为智能引号)复制并粘贴时,就会发生这种情况。
该表单会引发 GET 请求,该请求将搜索字符串放入 URL 中。即使我对字符串进行编码,也会导致此错误。我应该怎么做才能让它发挥作用?
<script type="text/javascript">
function zend_submit_main() {
var query = $('#search_field').val();
if(query != '') {
var search_field = '/query/' + escape(query);
var url = '/search/results' + search_field + '/active-tab/contacts';
window.location = url;
}
return false;
}
</script>
<form id="search_form" method="GET" onsubmit="zend_submit_main(); return false;">
<input type="text" value="search by contact name" onFocus="if (this.value=='search by contact name') { this.value=''; }" onBlur="if (this.value=='') { this.value='search by contact name'; }" name="search_field" id="search_field" style="width:160px;" />
<input type="submit" value="Go" />
</form>
I have a search form in my web application that throws an Apache 400 Bad Request error when you search using an apostrophe (smart quote, i.e. ’ not '). This happens when someone copy and pastes from Microsoft Word (which automatically converts tick marks to smart quotes).
The form causes a GET request which puts the search string in the URL. Even when I encode the string, it causes this error. What should I do to get this to work?
<script type="text/javascript">
function zend_submit_main() {
var query = $('#search_field').val();
if(query != '') {
var search_field = '/query/' + escape(query);
var url = '/search/results' + search_field + '/active-tab/contacts';
window.location = url;
}
return false;
}
</script>
<form id="search_form" method="GET" onsubmit="zend_submit_main(); return false;">
<input type="text" value="search by contact name" onFocus="if (this.value=='search by contact name') { this.value=''; }" onBlur="if (this.value=='') { this.value='search by contact name'; }" name="search_field" id="search_field" style="width:160px;" />
<input type="submit" value="Go" />
</form>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
使用
encodeURIComponent而不是escape:escape不是标准函数,并且不会根据RFC 3986 指定的百分比编码。例如,'编码为"%u2019。Use
encodeURIComponentinstead ofescape:escapeis not a standard function and does not encode the value according to the Percent-encoding as specified by RFC 3986.’for example is encoded as"%u2019.