1

Trying to send password using xmlHttpRequest from frontend(javascript) with POST and other parameters with names like

"&password=" document.getElementById('password').value

I'm using HttpServletRequest.getparameter to get the parameter string of password like string pswd = request.getparameter("password");

The code works fine with all passwords that have special characters except passwords like these qwe100%qwe, qwe198%qwe When I pass those passwords, if I were to read username or other parameters sent along with password also results in exception[illegalArgumentException] any help is appreciated..

BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
RJ24
  • 49
  • 3
  • 16

1 Answers1

1

You need to use encodeURIComponent on the JavaScript side before passing it to the back end.

That is:

var pass = encodeURIComponent(document.getElementById('password').value);

Note that on the Java side, you should then do a:

URLDecoder.decode(request.getParameter("password"));

EDIT

As @BalusC points out I'm wrong on the Java side - you have already done what is needed on the JavaScript side so you don't need the Java part.

stdunbar
  • 16,263
  • 11
  • 31
  • 53
  • 1
    JavaScript part is correct. Java part is incorrect. Servlet already automatically does that (moreover, the exception the OP faced is indicative for this). When you still explicitly decode it, then you would basically double-decode it, resulting in the same exception. – BalusC May 12 '16 at 08:01
  • Edited - you're correct - thanks for pointing that out. I went through my own code and I didn't do the URLDecoder either - pretty bad when I can't read my own code. – stdunbar May 12 '16 at 13:51