0

I am passing some parameters from UI to backend API. But, I want to encode those params before sending to backend.

I thought to use function encodeURIComponent(), but that will not help, as it is used for encoding the URLs.

dataInfo contains all the params that will be passed to backend.

        var dataInfo = {};
        dataInfo.pId = "584e88f472f94906b09e04a8";
        dataInfo.aId = localStorage.aId;
        dataInfo.fName = fName;
        dataInfo.fJson = fJson;
        dataInfo.userName = localStorage.username;

and dataInfo is getting passed to data while calling backend API.

    $.ajax({
            type: "POST",
            url: localStorage.idataInfoApi,
            data: JSON.stringify(dataInfo),
            contentType: "text/html",
            dataType: "html",
        });

Please guide me on how can I encode the complete dataInfo into UTF encoded format, so that resulting data will be in byte[].

  • Any reason why you don't pass the JSON directly to the API? – Александр Фишер Aug 27 '19 at 08:07
  • yes, because one of the param, named fJson contains the information of excel sheet uploaded to the project. All the content of excel sheet will be visible in UI after successful API call. If it will be passed directly without encoding then it can create a problem. For e.g, Suppose excel sheet has any script tag in any column and an alert within it, then it will result in displaying the alert rather than showing it as it is in UI..so encoding is needed. –  Aug 27 '19 at 08:12
  • Hm, so you're adding the content of an excel sheet into `dataInfo.fJson` without sanitizing it? Do you have a html table as your excel sheet or a binary excel file? It is still not clear to me how your final request looks like. How are you going to display the content of th excel sheet after a successful API call to the user if it contains any JavaScript in a column? – Александр Фишер Aug 27 '19 at 08:22
  • 1
    Can you explain exactly what you think "UTF *Encoded* Format" is please? – freedomn-m Aug 27 '19 at 08:46
  • You might want `encode()` or `btoa()` if you want a binary format (as implied by "resulting data will be in `byte[]`) – freedomn-m Aug 27 '19 at 08:47
  • Possible duplicate of [How can you encode a string to Base64 in JavaScript?](https://stackoverflow.com/questions/246801/how-can-you-encode-a-string-to-base64-in-javascript) – freedomn-m Aug 27 '19 at 08:47
  • @АлександрФишер yes !! I am having a html table same as excel sheet data. If it contains any javascript code, then it should not perform functionality of js, instead it should display it as it is..means the same way as it is present in excel sheet. For this purpose only, i want to encode the data before sending it to api. –  Aug 27 '19 at 08:59
  • @freedomn-m , The backend API is developed in a way that it will accept the params from UI in UTF-Encoded format. And object type is Byte[]. So trying to send the params in this way only. –  Aug 27 '19 at 09:21
  • @CAS so you have to escape the content of the html table anyway, also before posting it to the API. – Александр Фишер Aug 27 '19 at 09:45
  • How to do that, i am not getting. The answer posted by @abdulhaq shah is not helping. Can u plz guide what else i need to do. –  Aug 27 '19 at 09:52

1 Answers1

0

I hope this will answer your query. The best option is to use encodeURIComponent. May be your missing content type.

$.ajax({
        type: "POST",
        url: localStorage.idataInfoApi,
        data:"q="+encodeURIComponent( dataInfo ),
        scriptCharset: "utf-8" ,
        contentType: "application/x-www-form-urlencoded; charset=UTF-8",
    });
Abdulhaq Shah
  • 542
  • 2
  • 15
  • This is not helping. Params are getting passed as q: [object+Object], and getting 500 exception in response from API. status: 500 error: Internal Server Error exception: org.json.JSONException message: A JSONObject text must begin with '{' at 1 [character 2 line 1] –  Aug 27 '19 at 09:19
  • Please guide me further –  Aug 27 '19 at 10:10
  • @CAS [here](https://www.w3schools.com/jsref/tryit.asp?filename=tryjsref_encodeuricomponent) you can check out with your data and response your will get after encoding. – Abdulhaq Shah Aug 27 '19 at 10:19
  • I know this function, but using this is giving error in API call. –  Aug 27 '19 at 10:27
  • I think your API is expecting json and you are sending encoding data – Abdulhaq Shah Aug 27 '19 at 10:42
  • If this is the issue, then why in params section I am getting q:[object,Object] ?? –  Aug 27 '19 at 10:47