为什么要对逗号 URL 进行编码?
在 ASP.NET MVC 中调试时,我没有看到以下之间的区别:
http://mysite.com?q=hi,bye
和
http://mysite.com?q=hi%2Cbye
查询字符串参数“q”始终具有值“hi,bye”。
那么为什么要对逗号进行编码呢?
我想做这样的事情https://stackoverflow.com/a/752109/173957。
我有这样的形式:
<form method="GET" action="/Search">
<input type="hidden" name="q" value="hi,bye"/>
<input type="submit" value="ok"/>
</form>
如何防止该值被编码?
When debugging in ASP.NET MVC, I don't see a difference between:
http://mysite.com?q=hi,bye
and
http://mysite.com?q=hi%2Cbye
The querystring param "q" always has a value of "hi,bye".
So why is the comma encoded?
I want to do something like this https://stackoverflow.com/a/752109/173957.
I have this form:
<form method="GET" action="/Search">
<input type="hidden" name="q" value="hi,bye"/>
<input type="submit" value="ok"/>
</form>
How can I prevent this value from being encoded?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
URI 规范 RFC 3986 指定 URI 路径组件不包含未编码的保留字符,并且逗号是保留字符之一。对于诸如逗号之类的子分隔符,如果不对其进行编码,则可能会导致字符被视为 URI 方案中的分隔符语法。百分比编码保证字符将作为数据传递。
The URI spec, RFC 3986, specifies that URI path components not contain unencoded reserved characters and comma is one of the reserved characters. For sub-delims such as the comma, leaving it unencoded risks the character being treated as separator syntax in the URI scheme. Percent-encoding it guarantees the character will be passed through as data.
我发现不需要 URL 编码的字符列表:
http://web.archive。 org/web/20131212154213/http://urldecoderonline.com/url-allowed-characters.htm
更新
由于原始链接已损坏,我使用 archive.org 从 2013 年 12 月的页面中获取以下文本
允许的 URL 字符列表
未保留 - 可以进行编码,但不是必需的
保留 - 有时必须编码
I found this list of characters that do not require URL encoding:
http://web.archive.org/web/20131212154213/http://urldecoderonline.com/url-allowed-characters.htm
Update
Since the original link broke, I used archive.org to get the following text from the page from on December 2013
List of allowed URL characters
Unreserved - May be encoded but it is not necessary
Reserved - Have to be encoded sometimes
这确实取决于浏览器。浏览器采用 HTML 表单并根据表单的输入决定如何构建 URL。
如果您使用的是非常旧的(或编程很差)的浏览器,它可能不会对逗号进行编码。如果您遵守 RFC 标准,则确实应该对其进行编码。
如果您想阻止所有浏览器对逗号进行编码,则必须使用 JavaScript 并自行构建 URL。
无论如何,这都不重要,因为无论如何您都应该解码查询字符串参数,并且结果将是相同的。
This is really browser dependent. The browser takes the HTML form and decides how to build the URL based on the form's inputs.
If you're using a really old (or poorly programmed) browser, it may not encode the comma. If you adhere to RFC standards, it really should be encoded.
If you want to prevent the comma from being encoded for all browsers, you would have to use JavaScript and build the URL yourself.
In any case, it shouldn't matter, because you should be decoding the querystring parameters anyway, and the result will be the same.
URL 中存在一些具有特殊含义的字符(如 + ? # 等)或直接不允许的字符(如空格、逗号等)。要在 URL 中使用此类字符,您需要对它们进行编码和解码。 在此处阅读更多内容
ASP.NET 像这样自动编码和解码所有必需的字符,因此您不需要担心他们。
there are several characters that hold special meaning(like + ? # etc) or are directly not allowed(like space, comma etc) in a URL. to use such characters in a URL, u need to encode and decode them. Read more Here
ASP.NET automatically encodes and decodes all required characters like this so u need not worry about them.