1

While passing my url, for example something:8000/something.jsp?param1=update&param2=1000&param3=SearchString%&param4=3 , I am getting following error:

Bad Request

Your browser sent a request that this server could not understand.

I know SearchString% which I need to pass as a parameter, has the issue. Then how to pass a parameter containing '%' in URL??

Nidheesh
  • 4,390
  • 29
  • 87
  • 150

2 Answers2

9

Use %25 in place of % In URLs % has a special meaning as an escape character

Special characters like (space) can be encoded like %20 (the ascii code for space/32 in hex)

Therefore a percent sign itself must be encoded using the hex code for % which happens to be 25

You can use http://www.asciitable.com/ to look up the appropriate hex code under the hx column

Alternatively, if you are doing this programatically (ie. with javascript) you can use the builtin function escape() like escape('%')

arcyqwerty
  • 10,325
  • 4
  • 47
  • 84
  • 1
    (It's a nice thing [this conversion method already exists](https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/encodeURIComponent). See also [this question](http://stackoverflow.com/questions/75980/best-practice-escape-or-encodeuri-encodeuricomponent), and avoid use of `escape` here.) –  Sep 12 '12 at 04:38
  • 3
    Also see ["Comparing escape(), encodeURI(), and encodeURIComponent()"](http://xkr.us/articles/javascript/encode-compare/) which discusses *why to avoid `escape`*. –  Sep 12 '12 at 04:42
6

See this: Encode URL in JavaScript?

Basically you need to make sure the variables you are passing are encoded (the '%' character is a special character in URL encoding).

Any special characters - %,?,&, etc... need to be encoded. They are encoded with '%' and their hex number. So '%' should become '%25', '&' becomes '%26', etc.

Update: see When are you supposed to use escape instead of encodeURI / encodeURIComponent? for why you should avoid using escape.

Community
  • 1
  • 1
cegfault
  • 6,442
  • 3
  • 27
  • 49
  • definitely use encodeURIComponent. Most notably it converts "+" which escape leaves alone. – Neil Sep 12 '12 at 05:24