3

I've looked everywhere, and haven't found a single definitive answer in iOS. I'm trying to escape ampersands in my URL queries, but 

stringByAddingPercentEncodingWithAllowedCharacters(NSCharacterSet.URLQueryAllowedCharacterSet())

doesn't help.

As a dirty work-around, I've just been using 

stringByReplacingOccurrencesOfString("&", withString: "and", options: NSStringCompareOptions.LiteralSearch, range: nil)

although this isn't the safest bet. What's the right way.

itsji10dra
  • 4,603
  • 3
  • 39
  • 59
slider
  • 2,736
  • 4
  • 33
  • 69

3 Answers3

4

You can replace it with %26. I'm not clear on why URLQueryAllowedCharacterSet() isn't catching it though.

itsji10dra
  • 4,603
  • 3
  • 39
  • 59
john elemans
  • 2,578
  • 2
  • 15
  • 26
2

I guess following code should work.

NSMutableString * lQueryString = [NSMutableString string];
NSMutableCharacterSet * lQueryAllowedCharacterSet = [[NSMutableCharacterSet alloc]init];
[lQueryAllowedCharacterSet formUnionWithCharacterSet:[NSCharacterSet URLQueryAllowedCharacterSet]];
[lQueryAllowedCharacterSet removeCharactersInString:@"&"];

[lQueryString appendString: [@"SampleQueryValue&" stringByAddingPercentEncodingWithAllowedCharacters: lQueryAllowedCharacterSet]];
NSLog(@"%@",lQueryString);

Output

SampleQueryValue%26

I am not sure if there are more characters which needs to be removed from QueryAllowedCharacterSet.

Ideal way would be https://stackoverflow.com/a/26539134/2987764

Community
  • 1
  • 1
Sahil Doshi
  • 1,073
  • 10
  • 23
1

If you don't need to support anything before 10.10 or iOS 8, you can use NSURLQueryItem with NSURLComponents.

If you need to support older versions of OS X or iOS, then the definitive answer can be found in URL Session Programming Guide:

CFStringRef encodedString = CFURLCreateStringByAddingPercentEscapes(
    kCFAllocatorDefault,
    originalString,
    NULL,
    CFSTR(":/?#[]@!$&'()*+,;="),
    kCFStringEncodingUTF8);

with appropriate __bridge and __bridge_transfer casts, as needed.

The problem with your earlier approach is that the older NSURL APIs were designed... well, not to put too fine a point on it, wrong. The APIs assumed that you would want to encode an entire query string or even an entire URL at once, so they leave ampersands and other similar reserved characters alone. This is, of course, not typically what you would really want to do in practice, but it is the way that the original NSURL APIs all behaved.

As an added note, if you are trying to stick the result into, for example, an HTML attribute, you need to do the above, and then encode it a second time using an HTML entity encoding method. See Question 1105169 for help with that second step.

Community
  • 1
  • 1
dgatwood
  • 10,129
  • 1
  • 28
  • 49