Try running this piece of JavaScript; it throws a “URI malformed” exception.

javascript:alert(decodeURIComponent(escape('http://rushis.com/®')));

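The escape function transforms the ® character to %AE, which is not valid input to the decodeURIComponent function: decodeURIComponent expects percent-encoded UTF-8, and a lone %AE is not a valid UTF-8 sequence.
This issue is clearly evident in the latest Prototype JS 1.6 framework.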

  _getHeaderJSON: function() {
    var json = this.getHeader('X-JSON');
    if (!json) return null;
    json = decodeURIComponent(escape(json));
    try {
      return json.evalJSON(this.request.options.sanitizeJSON ||
        !this.request.isSameOrigin());
    } catch (e) {
      this.request.dispatchException(e);
    }
  },

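In the above code, a JSON object containing one such ® character would bring your JavaScript routines to a screeching halt, thereby adversely affecting the rest of the functionality. Note that the decodeURIComponent call sits outside the try block, so the exception is never handed to dispatchException.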

The general rule of thumb is to use the decode function intended for a given encoding function. Although you can mix one encoding function with another decoding function and get away with it, the one instance when the issue does occur will take a lot of time to debug. So do it right the first time.

use unescape() if encoded with escape()
use decodeURI() if encoded with encodeURI()
use decodeURIComponent() if encoded with encodeURIComponent()
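
The following is an added example, not code from the original post or from Prototype. It shows the matched pairs round-tripping, the mismatched pair throwing, and a header decode that contains the URIError; the function names and sample header values are hypothetical and constructed for illustration.

```javascript
// Added example, not Prototype's code. All function names are hypothetical.

// Name of the error thrown by fn, or null if it returns normally.
function errorName(fn) {
  try { fn(); return null; } catch (e) { return e.name; }
}

// Each encoder paired with its own decoder restores the input exactly.
function matchedPairsRoundTrip(s) {
  return unescape(escape(s)) === s &&
         decodeURI(encodeURI(s)) === s &&
         decodeURIComponent(encodeURIComponent(s)) === s;
}

// decodeURIComponent(escape(x)) reinterprets code units <= 0xFF as UTF-8
// bytes. It throws URIError when those bytes are not valid UTF-8, or when
// escape() emitted a %uXXXX sequence. Here that failure is contained and the
// header value is returned unchanged instead of aborting the caller.
function decodeHeaderValue(raw) {
  try {
    return decodeURIComponent(escape(raw));
  } catch (e) {
    if (e instanceof URIError) return raw;
    throw e;
  }
}

// Constructed sample header values.
const utf8Bytes = '{"name": "rushis\u00C2\u00AE"}'; // ® as UTF-8 bytes C2 AE
const latin1 = '{"name": "rushis\u00AE"}';          // ® as the single unit AE
const wide = '{"price": "\u20AC5"}';                // € becomes %u20AC in escape()

console.log(escape('http://rushis.com/\u00AE'));             // http%3A//rushis.com/%AE
console.log(encodeURIComponent('http://rushis.com/\u00AE')); // http%3A%2F%2Frushis.com%2F%C2%AE
console.log(errorName(() => decodeURIComponent(escape(latin1)))); // URIError
console.log([utf8Bytes, latin1, wide].map(decodeHeaderValue));
```

Only the first sample value is changed by decodeHeaderValue; the other two come back as received, so the caller's JSON parsing and error handling still run.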

According to the ECMA-262 standard official documentation:
A URI is composed of a sequence of components separated by component separators. The general form is:
Scheme : First / Second ; Third ? Fourth
where the italicised names represent components and the “:”, “/”, “;” and “?” are reserved characters used as separators. The encodeURI and decodeURI functions are intended to work with complete URIs; they assume that any reserved characters in the URI are intended to have special meaning and so are not encoded. The encodeURIComponent and decodeURIComponent functions are intended to work with the individual component parts of a URI; they assume that any reserved characters represent text and so must be encoded so that they are not interpreted as reserved characters when the component is part of a complete URI.

escape (string)
The escape function is a property of the global object. It computes a new version of a String value in which certain characters have been replaced by a hexadecimal escape sequence.
For those characters being replaced whose code unit value is 0xFF or less, a two-digit escape sequence of the form %xx is used. For those characters being replaced whose code unit value is greater than 0xFF, a four-digit escape sequence of the form %uxxxx is used.

unescape (string)
The unescape function is a property of the global object. It computes a new version of a String value in which each escape sequence of the sort that might be introduced by the escape function is replaced with the character that it represents.
