escape()

Don't use it, as it has been deprecated since ECMAScript v3.

encodeURI()

Use encodeURI when you want a working URL. Make this call:

encodeURI("http://www.google.com/a file with spaces.html")

to get:

http://www.google.com/a%20file%20with%20spaces.html

Don't call encodeURIComponent since it would destroy the URL and return

http%3A%2F%2Fwww.google.com%2Fa%20file%20with%20spaces.html

encodeURIComponent()

Use encodeURIComponent when you want to encode a URL parameter.

param = encodeURIComponent('http://xyz.com/?a=12&b=55')

url = 'http://domain.com/?param=' + param ;
And you will get this complete URL:

http://www.domain.com/?param=http%3A%2F%2Fxyz.com%2F%Ffa%3D12%26b%3D55

Note that encodeURIComponent does not escape the ' character.

A common bug is to use it to create html attributes such as href='MyUrl', which could suffer an injection bug.

If you are constructing html from strings, either use " instead of ' for attribute quotes, or add an extra layer of encoding (' can be encoded as %27).

For more information on this type of encoding you can check: http://en.wikipedia.org/wiki/Percent-encoding

Best practice: escape, or encodeURI / encodeURIComponent的更多相关文章

  1. js中的三个编码函数:escape,encodeURI,encodeURIComponent

    1. eacape(): 该方法不会对 ASCII 字母和数字进行编码,也不会对下面这些 ASCII 标点符号进行编码: * @ - _ + . / .其他所有的字符都会被转义序列替换.其它情况下es ...

  2. escape()、encodeURI()、encodeURIComponent()区别详解--zt

    JavaScript中有三个可以对字符串编码的函数,分别是: escape,encodeURI,encodeURIComponent,相应3个解码函数:unescape,decodeURI,decod ...

  3. JS转义 escape()、encodeURI()、encodeURIComponent()区别详解

    JavaScript中有三个可以对字符串编码的函数,分别是: escape,encodeURI,encodeURIComponent,相应3个解码函数:unescape,decodeURI,decod ...

  4. javascript之url转义escape()、encodeURI()和encodeURIComponent()

    JavaScript中有三个可以对字符串编码的函数,分别是: escape,encodeURI,encodeURIComponent,相应3个解码函数:unescape,decodeURI,decod ...

  5. escape()、encodeURI()、encodeURIComponent()区别详解

    JavaScript中有三个可以对字符串编码的函数,分别是: escape,encodeURI,encodeURIComponent,相应3个解码函数:unescape,decodeURI,decod ...

  6. escape()、encodeURI()、encodeURIComponent() difference

    escape() 方法: 采用ISO Latin字符集对指定的字符串进行编码.所有的空格符.标点符号.特殊字符以及其他非ASCII字符都将被转化成%xx格式的字符编码(xx等于该字符在字符集表里面的编 ...

  7. JS 字符串编码函数(解决URL特殊字符传递问题):escape()、encodeURI()、encodeURIComponent()区别详解

    javaScript中有三个可以对字符串编码的函数,分别是: escape,encodeURI,encodeURIComponent,相应3个解码函数:unescape,decodeURI,decod ...

  8. JS escape、encodeURI 、encodeURIComponent 编码与解码[转]

    转至:http://jc-dreaming.iteye.com/blog/1702407 本文讨论如何对传递参数用JS编码与解码 1:编码与解码方法的对应关系 escape ------------- ...

  9. 比较escape、encodeURI、encodeURIComponent

    估计很多前端工程师并不清楚escape,encodeURI, encodeURIComponent的区别,也不知道什么时候该用哪个方法,以及这些方法为什么要被用到,下面我主要来阐述一下这三个方法的区别 ...

随机推荐

  1. ember.js:使用笔记10 常用方法

    init: controller中初始化方法,                               //注意该方法是在其他方法之前,所以取不出this,model等值: 跳转:this.tra ...

  2. QUnit使用笔记-5简化编写

    在测试中,如果用到了大量相同的方法返回判断结果,可以将他们简化; 使用push(): push( result/*boolean,result of assert*/, actual, /*objec ...

  3. ZOJ3362 Beer Problem(最小费用任意流)

    题目大概说有n个城市,由m条无向边相连,每条边每天最多运送cap桶酒且其运送一桶的花费是cost.现在从1号城市开始出发运酒,供应到2到n号城市,这些城市的收购单价是price,问最大的盈利是多少. ...

  4. 循环多少次?[HDU1799]

    循环多少次? Time Limit: 3000/1000 MS (Java/Others)    Memory Limit: 65536/32768 K (Java/Others)Total Subm ...

  5. BZOJ3091: 城市旅行

    Description Input Output Sample Input 4 5 1 3 2 5 1 2 1 3 2 4 4 2 4 1 2 4 2 3 4 3 1 4 1 4 1 4 Sample ...

  6. idea_IDEA跑Tomcat异常

    IDEA跑Tomcat异常 具体异常如下 Artifact :war exploded: Server is not connected. Deploy is not avail 根据别人的回答,去掉 ...

  7. PCL 1.6.0 VS2010 Configuration

    Open VS2010, create a new project, then open Property Manager, double-click Microsoft.Cpp.win32.user ...

  8. win95+ie3-win10+ie11 浏览器执行漏洞

    alliedve.htm <!doctype html><html><meta http-equiv="X-UA-Compatible" conten ...

  9. memcached与spring

    key的生成规则 update 与 query 的参数不一样,如何让其生成一样的key 列表缓存如何定义key及失效 最近同事推荐了一个开源项目:Simple-Spring-Memcached(简称s ...

  10. POJ 1573 Robot Motion(BFS)

    Robot Motion Time Limit: 1000MS   Memory Limit: 10000K Total Submissions: 12856   Accepted: 6240 Des ...