1

I am sending sensitive data encrypted when the user clicks the onclick event. This encrypted data at times contains a plus sign (+) When I retrieve this request variable on the server, the + is getting converted to a whitespace. This causes the decryption to fail.

Example: 

xrUxHtYpO2Yu3Z31ve+KNA==

gets converted to: 

xrUxHtYpO2Yu3Z31ve KNA==

Is there a way escape the string so it is sent as is?

Omnipresent
  • 29,434
  • 47
  • 142
  • 186

2 Answers2

5

The function you're looking for is "encodeURIComponent()":

var encoded = encodeURIComponent("nasty string");

You shouldn't need any code at all on the server side; URL encoding will almost certainly be implicitly un-done by your web framework. (Edit - ah, if you're using some Java/JSP web framework, then you definitely don't have to do anything fancy on the server side.)

Pointy
  • 405,095
  • 59
  • 585
  • 614
2

Try replacing the + with %2B. That came from HTML URL Encoding Reference at W3Schools. Hope this helps!

lhan
  • 4,585
  • 11
  • 60
  • 105
  • I would have done that but I think that is a hack. what if later on there are other characters I am not aware of. I wanted to take the escape route – Omnipresent May 31 '11 at 13:57
  • @Omnipresent - that is true, you'd have to know which characters needed escaped beforehand. But if the `+` was your only problem then you'd be set! :) – lhan May 31 '11 at 14:03
  • @Pointy ahh..yeah. that's why during my pre-SO-google-search I didn't find `escapeURIComponent()` method anywhere on w3schools – Omnipresent May 31 '11 at 14:03
  • `+` was the only one I found. there are 5 million records in total. :) – Omnipresent May 31 '11 at 14:04