应该使用哪个EncodeFor进行定位?

本文介绍了应该使用哪个EncodeFor进行定位?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

应该使用哪个EncodeFor location()?

如果我想通过位置推送一些数据，它应该是什么样?

If I want to push some data via location, what should it look like?

location("obtainBDK.cfm?message=#ErrorMessage#", false); // nothing

OR

location("obtainBDK.cfm?message=#EncodeForHTMLAttribute(ErrorMessage)#", false);

OR

location("obtainBDK.cfm?message=#EncodeForURL(ErrorMessage)#", false);

或

还有什么?

推荐答案

cflocation/location设置Location HTTP标头.浏览器读取此值，并通过HTTP GET请求提及的资源.所述URI应该被编码.

cflocation/location sets the Location HTTP header. The browser reads this value and requests the mentioned resource via HTTP GET. Said URI should be encoded.

现在唯一需要编码的URI部分是查询字符串，该字符串以问号?开头.每个键值对均由编码键，等号=和编码值组成.多对用&符号定界..

Now the only URI part that requires encoding is the query string, which starts with a question mark ?. Each key-value-pair consist of the encoded key, an equal-sign = and the encoded value. Multiple pairs are delimited by an ampersand &.

根据 RFC 1738 :

因此，只有字母数字，特殊字符"$ -_.+！*'()"以及用于保留目的的保留字符可以在URL中未经编码地使用.

Thus, only alphanumerics, the special characters "$-_.+!*'(),", and reserved characters used for their reserved purposes may be used unencoded within a URL.

保留字符示例

未编码的URI: example/path?&=&&===&?

Reserved Characters Example

Unencoded URI: example/path?&=&&===&?

预期的键值对:

- "&": "&" - "=": "=" - "?": ""

但是，正确的解析器只能看到空键和空值.我们需要对键和值进行编码，以免将其用于技术目的.

However, a proper parser would only see empty keys and values. We need to encode keys and values so they are not treated for their technical purpose.

编码的URI: example/path?%26=%26&%3D=%3D&%3F&%20=%20!

现在，根据 RFC 3986 并且不能被解析器弄错.

Now all characters in key and value are percent-encoded according to RFC 3986 and cannot be mistaken by the parser.

kvps = []; key = "message"; val = ErrorMessage; kvps.append( urlEncodedFormat(key) & "=" & urlEncodedFormat(val) ); targetUrl = "btainBDK.cfm?" & arrayToList(kvps, "&"); location(targetUrl, false);

urlEncodedFormat与encodeForUrl

• urlEncodedFormat将空格编码为%20(百分比编码)
• encodeForUrl将空格编码为+( application/x-www-form-urlencoded )

urlEncodedFormat vs. encodeForUrl

• urlEncodedFormat encodes a space as %20 (percent-encoded)
• encodeForUrl encodes a space as + (application/x-www-form-urlencoded)

尽管...

Adob​​e建议您使用EncodeForURL函数，而不是URLEncodedFormat函数，以转义字符串中的特殊字符以在所有新应用程序的URL中使用.

我遇到的问题是，不能正确地区分+是空格还是实际加号，尤其是在上下文更改时(CF<-> JS).因此，不管Adobe对此有何看法，我都会推荐urlEncodedFormat.

I encountered issues where + could not be properly distinguished between being a space or an actual plus sign, especially when the context changes (CF <-> JS). So I would recommend urlEncodedFormat regardless of Adobe's opinion about it.