URL Kódování - Online URL Encoder

Související Dotazy na StackOverflow

Replacement for URI.escape that avoids Lint/UriEscapeUnescape warnings?

Not sure how to fix Rubocop's Lint/UriEscapeUnescape warning

Tried replacing URI with CGI thinking that was the "drop in" replacement but that blew up the test suite.

Here's the error followed by the line of code where URI is being used:

app/models/media_file.rb:76:5: W: Lint/UriEscapeUnescape: URI.escape method is obsolete and should not be used. Instead, use CGI.escape, URI.encode_www_form or URI.encode_www_form_component depending on your specific use case.    URI ...    ^^^    # app/models/media_file.rb    ...    def cdn_url(format: nil)    if format.nil?      "#{s3_config.cloudfront_endpoint}/#{escape_url(key)}"    elsif converted_urls.with_indifferent_access[format.to_s]      filename = converted_urls.with_indifferent_access[format.to_s]      if URI.parse(escape_url(filename)).host        filename      else        "#{s3_config.cloudfront_endpoint}/#{escape_url(filename)}"      end    else      converted(url)    end  end...  private  def escape_url(url)    URI      .escape(url)      .gsub(/\(/, '%28')      .gsub(/\)/, '%29')      .gsub(/\[/, '%5B')      .gsub(/\]/, '%5D')  end

EDIT: Adding sample output of strings escaped with URI and CGI:

            url: images/medium/test-image.jpgURI.escape(url): images/medium/test-image.jpgCGI.escape(url): images%2Fmedium%2Ftest-image.jpg            url: images/medium/test-image.jpgURI.escape(url): images/medium/test-image.jpgCGI.escape(url): images%2Fmedium%2Ftest-image.jpg

It would appear CGI is not a drop in replacement for URI as the listing error might have you believe. Thoughts?

How to create query parameters in Javascript?

Is there any way to create the query parameters for doing a GET request in JavaScript?
Just like in Python you have urllib.urlencode(), which takes in a dictionary (or list of two tuples) and creates a string like 'var1=value1&var2=value2'.
Should I use encodeForJavascript only for unwanted data in plain text or for unwanted data held by js variable too
Our project recently was found to have DOM-based XSS attack vulnerabilities. I did R&D using the documentation available i.e. 1. https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet 2. https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_SheetI am trying to use ESAPI to fix the below line of code
```
for(var i = 0; i < listOfLinks.length; i++) {$("#listOfLinks").append('<li><a href="' + $("#baseUrl").val() + listOfLinks[i].URL + '" onclick="linkClicked(\'' + listOfLinks[i].URL + '\',\'' + listOfLinks[i].DisplayName + '\', event)">' + listOfLinks[i].DisplayName + '</a></li>');}
```
So the new code looked like below
```
for(var i = 0; i < listOfLinks.length; i++) {var li = document.createElement('li');var a = document.createElement('a');var url = $("#baseUrl").val() + listOfLinks[i].URL;a.setAttribute("href", $ESAPI.encoder().encodeForJavaScript($ESAPI.encoder().encodeForURL(url)));a.onclick = linkClicked.bind(this, listOfLinks[i].URL, listOfLinks[i].DisplayName]);a.innerText = listOfLinks[i].DisplayName;li.appendChild(a);$("#recentlyUsedModules").append(li);}
```
The idea behind this solution being that any Html manipulation should be done using js functions such as createElement, setAttribute and such.
I am facing issue while using a.setAttribute("href"), that if my url is "\link-name" then the user get redirected to /x2Flink/x2Dname, thus throwing page not found. The problem here is that javascript encoding doesn't get reversed.
So my question is, am I using ESAPI incorrectly here. I can clearly see that RULE #5 in https://www.owasp.org/index.php/DOM_based_XSS_Prevention_Cheat_Sheet states that when setting href using setAttribute, we need to Url encode followed by JS encode. Why is the javascript encoding not getting reversed by JS parser?
zuul and not latin symbols in url params

I have zuul gateway with spring boot using by @EnableZuulProxy
When I use the not latin parameter in url I get error in gateway application:

java.lang.IllegalArgumentException: Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 3986 at > org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:479) ~[tomcat-embed-core-8.5.34.jar:8.5.34]
in log traces I see turning of my parameter from ?lastName=dfg%D1%8Bsdfd into ?lastName=dfgÑsdfd
As I understand this is the result of conversion to iso-8859-1 encoding.I tried to use spring-boot-starter-undertow instead of tomcat, but it not have effect.
I have seen discussions of this problem in old posts, but it claims that the problem has been fixed in the current version of spring-cloud
Convert URL into a cpp string

I am trying to encode this URL into a cpp string:
myproject://myresponse/?token=QSDK%2031d8695d&userId=123
I need to store QSDK token in my database, but as you can see there is %20 after "QSDK", I need to convert that %20 into "space character" and store the QSDK token in my DB in this form: "QSDK 31d8695d" . Can someone please help me with this? Is there any built in function to convert url encoding into normal string in cpp?I know there is always an option to find %20 after QSDK and replace it by space but it is not good way. Can you please suggest if any built in functions exist.
I am using wxWidgets, is there any function from wxURI or simialr class which I can use for my purpose?

Cookies

Please note that by viewing our site you agree to our use of cookies (see Soukromí for details). You will only see this message once.

Online URL Encoder

Vložte text, který chcete url kódovat zde:

Zkopírujte URL kódovaný text zde:

Cookies