How to escape a JSON string to have it in a URL?

Question

Using Javascript, I want to generate a link to a page. The parameters to the page are in a Javascript array that I serialize in JSON.

So I would like to generate a URL like that :

http://example.com/?data="MY_JSON_ARRAY_HERE"

How do I need to escape my JSON string (array serialized) to include it as a parameter in a URL ?

If there's a solution using JQuery I'd love it.

Note: Yes, the parameters to the page need to be in an array because there are a lot of them. I think I'll use bit.ly to shorten the links afterwards.

See also http://stackoverflow.com/questions/21802866/how-to-compress-url-parameters — w00t, Jun 09 '15 at 08:48

score 244 · Accepted Answer · answered Jul 24 '11 at 13:55

244

encodeURIComponent(JSON.stringify(object_to_be_serialised))

answered Jul 24 '11 at 13:55

Delan Azabani

79,602
28
170
210

13

It seems though that it encodes more characters than necessary (when I paste the link in Firefox, some characters are reverted back (i.e. `{["`). Is there a way to encode only the characters necessary, so that I can shorten my urls ? – Matthieu Napoli Jul 24 '11 at 14:23

score 24 · Answer 2 · edited May 23 '17 at 12:34

I was looking to do the same thing. problem for me was my url was getting way too long. I found a solution today using Bruno Jouhier's jsUrl.js library.

I haven't tested it very thoroughly yet. However, here is an example showing character lengths of the string output after encoding the same large object using 3 different methods:

2651 characters using jQuery.param
1691 characters using JSON.stringify + encodeURIComponent
821 characters using JSURL.stringify

clearly JSURL has the most optimized format for urlEncoding a js object.

the thread at https://groups.google.com/forum/?fromgroups=#!topic/nodejs/ivdZuGCF86Q shows benchmarks for encoding and parsing.

Note: After testing, it looks like jsurl.js library uses ECMAScript 5 functions such as Object.keys, Array.map, and Array.filter. Therefore, it will only work on modern browsers (no ie 8 and under). However, are polyfills for these functions that would make it compatible with more browsers.

for array: https://stackoverflow.com/a/2790686/467286
for object.keys: https://stackoverflow.com/a/3937321/467286

Since 0.1.4 it's also compatible with IE 6-8 if you still need those. — Stoffe, Aug 29 '16 at 15:35

score 20 · Answer 3 · answered Jul 24 '11 at 13:55

You could use the encodeURIComponent to safely URL encode parts of a query string:

var array = JSON.stringify([ 'foo', 'bar' ]);
var url = 'http://example.com/?data=' + encodeURIComponent(array);

or if you are sending this as an AJAX request:

var array = JSON.stringify([ 'foo', 'bar' ]);
$.ajax({
    url: 'http://example.com/',
    type: 'GET',
    data: { data: array },
    success: function(result) {
        // process the results
    }
});

Chris Johnson · Answer 4 · 2022-11-03T20:04:43.573

I'll offer an alternative. Sometimes it's easier to use a completely different encoding, especially if you're dealing with a variety of systems that don't all handle the details of URL encoding the same way.

Rather than URL-encoding the data, you can base64-encode it. The benefit of this is the encoded data is very generic, consisting only of alpha characters and sometimes trailing ='s. Example:

JSON array-of-strings:

["option", "Fred's dog", "Bill & Trudy", "param=3"]

That data, URL-encoded as the data param:

"data=%5B%27option%27%2C+%22Fred%27s+dog%22%2C+%27Bill+%26+Trudy%27%2C+%27param%3D3%27%5D"

Same, base64-encoded:

"data=WyJvcHRpb24iLCAiRnJlZCdzIGRvZyIsICJCaWxsICYgVHJ1ZHkiLCAicGFyYW09MyJd"

The base64 approach can be a bit shorter, but more importantly it's simpler. I often have problems moving URL-encoded data between cURL, web browsers and other clients, usually due to quotes, embedded % signs, shell expansion of wildcards, and so on. Base64 is very neutral and very portable because there are no special characters in its output.

Many systems use this approach. For example in the Kubernetes ecosystem, kubectl edit secret represents all secrets in base64 to avoid encoding issues and to make non-printable binary data easily copy-and-pastable.

problem with base64 strings is that they can contain slash (/) character, which would invalidate url... — ingbabic, Feb 27 '20 at 10:45
That’s true but you can choose the characters to use in base64: replace `/` with `$`, `_` or any other character that doesn’t require url encoding per RFC 3986. — Chris Johnson, Mar 22 '20 at 17:04

score 11 · Answer 5 · edited Nov 13 '13 at 01:12

11

Using encodeURIComponent():

var url = 'index.php?data='+encodeURIComponent(JSON.stringify({"json":[{"j":"son"}]})),

edited Nov 13 '13 at 01:12

Timo Tijhof

10,032
6
34
48

answered Jul 24 '11 at 13:55

genesis

50,477
20
96
125

score 0 · Answer 6 · answered Nov 30 '12 at 07:12

0

Answer given by Delan is perfect. Just adding to it - incase someone wants to name the parameters or pass multiple JSON strings separately - the below code could help!

JQuery

var valuesToPass = new Array(encodeURIComponent(VALUE_1), encodeURIComponent(VALUE_2), encodeURIComponent(VALUE_3), encodeURIComponent(VALUE_4));

data = {elements:JSON.stringify(valuesToPass)}

PHP

json_decode(urldecode($_POST('elements')));

Hope this helps!

answered Nov 30 '12 at 07:12

foxybagga

4,184
2
34
31

There's no need to urldecode() data which comes in PHP $_POST or any other (GET, REQEST, etc.). Depending on what you do from here on, you might be opening yourself for a security issue (SQL injection, etc.) – Tit Petric Jul 27 '17 at 07:25

How to escape a JSON string to have it in a URL?

6 Answers6

Linked

Related