By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
437,636 Members | 1,213 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 437,636 IT Pros & Developers. It's quick & easy.

Escaping/encoding in an href with javascript

P: n/a
I am puzzled by some behavior that I'm seeing and I hope that someone
can enlighten me. It will take me a few moments to explain the
problem, but it does relate to javascript eventually.

I need to include one URL's query string in the contents of a second
URL. So for example, URL 1 might be

http://www.example.com/pageone.html?param1=value1

and then (conceptually) URL 2 would be

http://www.example.com/pagetwo.html?qs=param1=value1

Clearly this is not a legal query string because of the second "=". I
need to encode the query string from URL 1, which is easy enough to do
on the server side, so that the actual rendering of URL 2 becomes

http://www.example.com/pagetwo.html?qs=param1%3Dvalue1

So far so good. Now I want to put URL 2 as the href of an <atag, and
on the server side, when someone clicks on it, be able to extract out
the original query string from URL 1. This works fine if I do
something like this:

<a
href="http://www.example.com/pagetwo.html?qs=param1%3Dvalue1">click</a>

But I actually need to do some other things besides a simple GET
request, so my href is a javascript call:

<a href="javascript:
doSomething('http://www.example.com/pagetwo.html?qs=param1%3Dvalue1')">click</a>

Now finally we get to my problem. In this scenario, the URL appears to
be decoded before it ever gets anywhere, much less all the way back to
the server. If the first line of the doSomething() function is to call
alert() on the parameter passed in, it has already turned the %3D back
into an = sign. This does not make sense to me. Naturally, this means
that on the server side I cannot extract out the query string from URL
1 as I would like to.

Interestingly, if I do a similar technique but use the onclick of the
<atag instead of the href, the URL comes through as planned (i.e.
still with %3D). So there's something strange about the combination of
javascript and the href attribute. I have tried this in both IE 6 and
FF 1.5.0.6 with the same results, so at least it's consistent, and
there's probably some reason for it that I'm not aware of. (There is a
reason I can't use the onclick, or else I would most likely not be
asking for help.)

Can anyone shed some light on why this happens?

Sep 1 '06 #1
Share this Question
Share on Google+
2 Replies


P: n/a
ASM
j.*******@gmail.com a écrit :
>
my href is a javascript call:

<a href="javascript:
doSomething('http://www.example.com/pagetwo.html?qs=param1%3Dvalue1')">click</a>

If the first line of the doSomething() function is to call
alert() on the parameter passed in, it has already turned the %3D back
into an = sign.
function see(strg) { alert(strg); }

onclick="see('me%3Dboy')" --result : me%3Dboy
href="javascript:see('me%3Dboy')" --result : me=boy

var strg1 = 'me%3Dboy';
href="javascript:see(strg1)" --result : me%3Dboy
href="javascript:see('me%'+'3Dboy')" --result : me%3Dboy
href="javascript:see('me\x253Dboy')" --result : me%3Dboy
href="javascript:see('me%253Dboy')" --result : me%3Dboy
This does not make sense to me.
Because browser translates (decode) your parameter '%3D'
as it use to do whith any href

Tou can deceive the browser doing : '%'+'3D or '\x253D' or '%253D'

\x25 hexacode for %
\x25 similar as %25

You can also use a variable.

--
Stephane Moriaux et son [moins] vieux Mac
Sep 1 '06 #2

P: n/a

ASM wrote:
j.*******@gmail.com a écrit :

my href is a javascript call:

<a href="javascript:
doSomething('http://www.example.com/pagetwo.html?qs=param1%3Dvalue1')">click</a>

If the first line of the doSomething() function is to call
alert() on the parameter passed in, it has already turned the %3D back
into an = sign.

function see(strg) { alert(strg); }

onclick="see('me%3Dboy')" --result : me%3Dboy
href="javascript:see('me%3Dboy')" --result : me=boy
I think I understand the way things work, based on your examples, so
thank you for that.
This does not make sense to me.

Because browser translates (decode) your parameter '%3D'
as it use to do whith any href
I remain puzzled by this. Only javascript in combination with the href
attribute causes this decoding behavior. If I just use the href
attribute (no javascript) and give it a URL with %3D in it, that URL
comes through to the server side un-decoded. I could understand if the
browser really did decode anything in the href attribute (although not
sure why this would be a good thing), but this is not the case.

Sep 5 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.