1

I have a rest api that is used trough JSONP due to cross domain issues , i've implemeted an errorlogger that catches every error that happens on the page and posts it to the server the uri for the error logger is something like :

user/{userId}/message/{errorMessage}/browser/{browser}/browserVer/{browserVer}/secure/{secure}/os/{os}/location/{location}"

the location variable is problematic , how can i pass the window.location.href in the uri ?

i've tried escape,encodeuri,encodeuricomponent do i have to base64 it ? thanks

Amnon
  • 1,241
  • 3
  • 10
  • 19

1 Answers1

0

Escaping sequence for URIs is defined in section 2.4.1 of RFC2396 (Uniform Resource Identifiers):

An escaped octet is encoded as a character triplet, consisting of the
percent character "%" followed by the two hexadecimal digits
representing the octet code. For example, "%20" is the escaped
encoding for the US-ASCII space character.

   escaped     = "%" hex hex
   hex         = digit | "A" | "B" | "C" | "D" | "E" | "F" |
                         "a" | "b" | "c" | "d" | "e" | "f"

This RFC also defines reserved characters for the path component in section 3.3:

Within a path segment, the characters "/", ";", "=", and "?" are reserved.

So you need to use encodeURIComponent() because escape() has been deprecated and encodeURI() does not escape all reserved characters which need to be escaped as per the RFC excerpt above.

The example below shows that only encodeURIComponent() is escaping slashes properly (these are the characters which most likely cause the problems which you are facing):

>>> escape('//');
"//"

>>> encodeURI('//');
"//"

>>> encodeURIComponent('//');
"%2F%2F"

However please note that if possible, you should use POST instead of GET. This is the correct method to use in REST (and in general), as you are sending data from the client to the server (POST) rather than getting them from the server (GET).

Using POST will also allow you to avoid an additional problem. As length of URIs is limited in common web servers, sooner or later you will encounter a request with a very long URI which either gets trimmed or throws an error. Switching to POST will allow you to keep the URI clean and keep the data in the body of the message instead of the URI. See answers to this question for details on URI length limits.

Community
  • 1
  • 1
MicE
  • 5,038
  • 2
  • 29
  • 26
  • Thanks u for the detailed answer , i will try to find out what are the problematic characters and maybe just remove them . i can't move to post tough as i'm working in JSONP – Amnon Jan 26 '11 at 07:59
  • Oh, I see (JSONP). Removing the characters is of course a good option if you won't need to reconstruct the URI later on. Still, if your API allows it, you might want to consider moving the parameters from the path component to the query string - that will help you avoid the URI length limit. We ran into it on one project, at it was not a good experience at all :-/ Note that you'll still need `encodeURIComponent()` for the query string alternative, as {location} values which have their own query parameters might break the request (due to the same reason as now). – MicE Jan 27 '11 at 21:57
  • thanks for the tip regarding the query string , i ended up using base64 for the location parameter as i didn't want to start with specific characters . – Amnon Jan 31 '11 at 14:38