Firefox blocks redirection if URL contains high characters

Hi all,

I have a simple script on my web page tha appends one long argument
to the URL and redirects:

Expand|Select|Wrap|Line Numbers

 function GoToUrlArg(_argtype,_href){

 var s=GetArgValue(_argtype);

 a_href=_href+s;

 window.location.href=a_href;

 return (false)}

the function call is placed in an anchor tag in html:

<A HREF="javascript:GoToUrlArg(2,'http://myhost.com?ID=aaaaa')">..</A>

if ID value contains escaped high characters, like for example

ID=%F8e%F8icha

redirection is blocked by Netscape 8.1 browser (nothing happens after click on the link).
It is the high character that matters. Escaped low characters (e.g. "/", like
ID=P425-941%2F3%2C5) causes no problem.

IE (both 6 and 7) redirect as expected.
What is going on here? Is this some new firefox security improvement?

Oct 29 '07 #1

Subscribe Post Reply

2948

drhowarddrfine

7,435

Expert 4TB

An id is not allowed in the standard to begin with a '%'.

Oct 29 '07 #2

RomanKrejci

Thank you for your reply. What standard states that an URL argument cannot start with %? Please note that this is URL argument and NOT the ID of the Html element! The name of URL argument can be (almost) whatever you choose. I could easily change the name of the argument from ID to BLAH and nothing changes. Firefox will still not redirect. Moreover, the fact that the escaped character is the first one in the argument value (and therefore the value starts with %) is unimportant. Prefixing the value with any english character does not change the Firefox behaviour.

Oct 29 '07 #3

acoder

16,027

Expert Mod 8TB

Do you get any errors?

Oct 29 '07 #4

RomanKrejci

Do you get any errors?

No error message, no error entry in the JavaScript console. Netscape
just does absolutely nothing.

I just managed to reproduce the behaviour in a simple example:
launch JavaScript console in Netscape 8.1, enter

window.location.href='http://microsoft.com'

and press evaluate. The window will get filled with response.

Now add an URL argument ARG:

window.location.href='http://microsoft.com?ARG=a'

and press evaluate. Again - the result window gets response.

Now include escaped high character in the argument:

window.location.href='http://microsoft.com?ARG=a%F2'

and press evaluate. Nothing happens.

Now include escaped low character in the argument:

window.location.href='http://microsoft.com?ARG=a%77'

and press evaluate. The result window gets response.

Oct 29 '07 #5

acoder

16,027

Expert Mod 8TB

This is probably for non-ASCII characters. Can you identify the characters that don't work from, for example, this list. Is the encoding UTF-8? If not, you may need to change the settings?

Oct 29 '07 #6

RomanKrejci

This is probably for non-ASCII characters. Can you identify the characters that don't work from, for example, this list. Is the encoding UTF-8? If not, you may need to change the settings?

yes, this is for non-ASCII characters, that's what I am complaining about.
I tried all the high characters in JavaScript console expresion

window.location.href='http://microsoft.com?ARG=aX'
(where X is the escaped high character, like, for example, %90)
and the result is:

with %90 - %BF I get "unterminated string literal" error
with %C0 - %FE Netscape does nothing - no error, no response
with %FF I get "unterminated string literal" error again

The encoding of my original web page is UTF-8, but the encoding does not
play role in JavaScript console, so encoding should not matter.

The unpleasant consequence of this behaviour is that I cannot pass
values conaining accented characters as arguments in http GET request, which seriously breaks my project :-(((

Oct 30 '07 #7

acoder

16,027

Expert Mod 8TB

The unpleasant consequence of this behaviour is that I cannot pass values conaining accented characters as arguments in http GET request, which seriously breaks my project :-(((

I've no idea what might be causing this. It may well be a bug though I'm not sure. Perhaps you could submit a bug report and see what happens.

Oct 31 '07 #8

torinaga

I know that this is a little bit late, but I was searching for the same thing when I came upon this thread and it helped me answer the question.

You probably need to do something like this.

Expand|Select|Wrap|Line Numbers

 window.location = encodeURI("http://mySuperSweetURL.com/?action=winTheLottery");
 

Cheers

Nov 19 '08 #9

acoder

16,027

Expert Mod 8TB

You're correct. You could also use encodeURIComponent() around the special non-ASCII characters.

Thanks for your input.

Nov 20 '08 #10

by: bgbauer70 | last post by:

My appologies if this ends up being a duplicate post. For some reason the first post never showed up. I've tried about 300 iterrations of this same ability, and none of them seem to work in...

Javascript

layer transparent Please HELP!!

by: expertware | last post by:

Dear friends, My name is Pamela, I know little about CSS, but I would like to ask a question I have an image on a web page within a css layer: <DIV ID=MyLayer STYLE = "position:...

HTML / CSS

FIREFOX 1.0.7 AND IE6 viewed through DATATIME: a summary REPORT

by: expertware | last post by:

Ok! to avoid confusion I will start a new argument. Thanks!! FIREFOX 1.0.7 AND IE6 viewed through DATATIME: a summary REPORT ===============================================================...

HTML / CSS

Response.Redirect and Firefox

by: Andy | last post by:

Hi all, I'm having a problem with a response.redirect and firefox. I have an error hanlder setup in the global.asax which issues a response.redirect to a generic error page. This works fine...

C# / C Sharp

TRICK: methods in ASPX pages with <%%> code blocks

by: John Rivers | last post by:

Hello, What good reason there is for not allowing methods in ASPX pages I can't imagine, but here is how to get around that limitation: (START) <body MS_POSITIONING="FlowLayout"> <form...

ASP.NET

AJAX POST problems on Firefox

by: Danny | last post by:

Hi all, I am having some odd problems with AJAX on Firefox (1.5). When I use GET as the request method everything works ok, but when I do a POST the remote function doesn't get the parameters I...

Javascript

Redirection issue

by: souissipro | last post by:

Hi, I have written a C program that does some of the functionalities mentionned in my previous topic posted some days ago. This shell should: 1- execute input commands from standard input,...

C / C++

Firefox - replacing the whole page by the new one in Ajax response

by: evgenyg | last post by:

Hello ! We have the following situation - when Ajax request is sent what's being returned by the server is usually an XML (which is used for DOM updates) but sometimes it's HTML which is a whole...

Javascript

Ent Library Application blocks

by: GaryDean | last post by:

I have just been through the docs on the Data Access Application blocks and it seems that they complicate things more than make things simple. To me it seems that there is nothing more simple and...

ASP.NET

How to turn on java script in a villaon keypad mobile phone

by: Charles Arthur | last post by:

How do i turn on java script on a villaon, callus and itel keypad mobile phone

Java

Batch import of multiple excel files into the database

by: ryjfgjl | last post by:

If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...

Data Management

How to build RAID in BIOS?

by: Hystou | last post by:

There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...

Computer Hardware

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

General

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...

Windows Server

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

C / C++

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

Online Marketing

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...

Windows Server

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...

General

Firefox blocks redirection if URL contains high characters

Similar topics