Why encodeURIComponent not working if requested string contains quote?

Question

Here how we are getting user company name from session in aspx page

 var Details = "AgentCompanyName=" + encodeURIComponent("<%=((Agent_Html5.AgentClassLib.clsAgentSession)Session["UserSession"]).strAgentCompanyName%>");

above code works fine if strAgentCompanyName doesn't contain quote(single,double) but that in it then it not works. eg. if Agent company name name provided as : David "Mike" Bela solution then it raise error as it is not appropriate string near Mike keyword.

Details = "AgentLastName= David "Mike" Bela solution"

How to handle for single/double quote?

Mitja Kramberger · Accepted Answer · 2016-01-07T10:10:54.283

0

You need to escape double quotes before output for javascript. So that it will be valid syntax. You should use something like:

<%= yourValue.Replace("\"", "\\\"") %>

Also you can use a better way of escaping with javascript:

var Details = "AgentCompanyName=" + $("<div/>").text("<%=yourValue%>").html();

With this you will create in memory DIV element, set value as text and get as escaped HTML.

edited Jan 07 '16 at 10:10

answered Jan 07 '16 at 09:46

Mitja Kramberger

272
1
4

Hi @Mitja Kramberger,How to handle for double quote?? – Kaishu Jan 07 '16 at 09:58
Updated to escape double quotes – Mitja Kramberger Jan 07 '16 at 10:11
so we need to handle it twice as for single and double quote as I did: `<%= strString.Replace("\'","\\\'").Replace("\"","\\\"")%>` right? – Kaishu Jan 07 '16 at 10:24
You only need to do it for double quotes, so there will not be a script/syntax error. Escaping everything else will be done by javascript. – Mitja Kramberger Jan 07 '16 at 10:34

Why encodeURIComponent not working if requested string contains quote?

1 Answers1