URL编码问题
此部分参考英文资料:
- http://www.blooberry.com/indexdot/html/topics/urlencoding.htm
- http://www.w3schools.com/TAGS/ref_urlencode.asp
- http://www.rfc-editor.org/rfc/rfc2396.txt
在HTTP客户端使用get方法通过URL向服务器发送参数里,由于URL里面只可以包含允许的字符(也称为合法字符),所以一旦参数里面存在非法字符,就必须通过某种手段对其进行合法化转换,在服务器端再将其转换回来,
在RFC1738:Uniform Resource Locators (URL) 规范中,指出URL只能包含AscII集中的一个子集中的字符,这个子集也称作AscII character-set,原文写道:
"...Only alphanumerics [0-9a-zA-Z], the special characters "$-_.+!*'()," [not including the quotes - ed], and reserved characters used for their reserved purposes may be used unencoded within a URL."
实际上URL规范中,字符包括保留字符,非保留字符两种,RFC2396中定义了URL中的保留(reserved)字符为:
Reserved
reserved = ";" | "/" | "?" | ":" | "@" | "&" | "=" | "+" |
"$" | ","
非保留字符为:
Unreserved
unreserved = alphanum | mark
mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
实际上非保留字符就是AscII character-set,此集合之外的字符都被称为非法字符(invalid character)或不安全字符(unsafe character),这些字符都将被编码转换为合法字符(valid character)或叫安全字符(safe charactor),转换的动作在英文常表示为escape。
escape的方式如下规范中所述:
Escaped Encoding
An escaped octet is encoded as a character triplet, consisting of the
percent character "%" followed by the two hexadecimal digits
representing the octet code. For example, "%20" is the escaped
encoding for the US-ASCII space character.
escaped = "%" hex hex
hex = digit | "A" | "B" | "C" | "D" | "E" | "F" |
"a" | "b" | "c" | "d" | "e" | "f"
转换时使用的字符集为ISO-8859-1也称为ISO-Latin或Latin-1,注意不是Unicode,这就引起了新的问题,对于不在ISO-Latin中的符号,就没有一个安全的途径进行编码,因为根据RFC2396(注意这是URI规范,但是对URL适用,因为URL是URI的子集,有兴趣的读者请查阅URL和URI之间的关系),URL里还无法指定自定义的字符集(比如UTF-8)。
虽然根据标准,在URL中我们无法使用非ISO-Latin字符集以外的字符,但是在现实中,为了解决实际问题,大家都有事实上的标准那就是Unicode编码,现行的为UTF-8,现在浏览器都支持UTF-8的URL编码转换,当然,这个时候的转换动作不再叫escape,而是称为URIEncode。另外,UTF-8与Latin-1是兼容的,相关的信息可参考:
- http://www.stanford.edu/~laurik/fsmbook/faq/utf8.html
- http://baike.baidu.com/view/25412.htm
- http://www.permadi.com/tutorial/urlEncoding/
PHP与Javascript相关的URIEncode操作请参见:http://blog.verymore.com/show-989-1.html
GWT的URL编码与解码
使用URL类中的静态方法URL.decode 和 URL.encode来进行。
java.lang.Object
com.google.gwt.http.client.URL
Method Summary | |
static java.lang.String | decode(java.lang.String encodedURL) Returns a string where all URL escape sequences have been converted back to their original character representations. |
static java.lang.String | decodeComponent(java.lang.String encodedURLComponent) Returns a string where all URL component escape sequences have been converted back to their original character representations. |
static java.lang.String | encode(java.lang.String decodedURL) Returns a string where all characters that are not valid for a complete URL have been escaped. |
static java.lang.String | encodeComponent(java.lang.String decodedURLComponent) Returns a string where all characters that are not valid for a URL component have been escaped. |
GAE4Java的编码与解码
实际上,由于写本文的初衷是作者在这个环境下开发程序时想理清这个问题,所以将服务器环境定位为GAE,实际上就是Java下的URL编码问题,可以参考:http://china.manufacturer.com/article/study_for_character_encoding_java.htm。
Java中URI Encoding的相关类为URLEncoder,URLDecoder
示例:
1 String text = java.net.URLEncoder.encode("编码转换", "utf-8");
java.lang.Object
java.net.URLEncoder
Method Summary | |
static String | 使用指定的编码机制将字符串转换为 application/x-www-form-urlencoded 格式。 |
URLDecoder此处略去,同上。
【完】
沒有留言:
張貼留言