php ajax post 数据是否需要进行 URI 编码?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18381770/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Does ajax post data need to be URI encoded?
提问by mark_huffington
Regarding this line:
关于这条线:
var data = encodeURIComponent(JSON.stringify(object_literal));
I don't understand why this is being URI encoded.
我不明白为什么这是 URI 编码。
Later data will be sent via ajax POST.
稍后数据将通过ajax POST.
I understand that URLs, particularly the one you can see in the browser address bar require special characters as described here:
我了解 URL,尤其是您可以在浏览器地址栏中看到的 URL,需要特殊字符,如下所述:
http://www.blooberry.com/indexdot/html/topics/urlencoding.htm
http://www.blooberry.com/indexdot/html/topics/urlencoding.htm
But what exactly does this have to do with Ajax posting?
但这与 Ajax 发布究竟有什么关系?
Do both the url address bar and the internal ajax post utilize the same mechanism?
url地址栏和内部ajax帖子是否使用相同的机制?
回答by Josh
It all depends on the content type.
这完全取决于内容类型。
Normally when a <form>uses the HTTP method POST then the form values are URL Encodedand placed in the body of the request. The content type header looks like this:
通常,当 a<form>使用 HTTP 方法 POST 时,表单值是URL 编码的并放置在请求的正文中。内容类型标题如下所示:
content-type: application/x-www-form-urlencoded
Most AJAX libraries will do this by default since it is universally accepted among web servers. However, there is nothing preventing you from simply serializing the data as JSON or XML and then sending it with a different content type.
大多数 AJAX 库都会默认执行此操作,因为它在 Web 服务器中被普遍接受。但是,没有什么可以阻止您简单地将数据序列化为 JSON 或 XML,然后使用不同的内容类型发送它。
content-type: application/json
or
或者
content-type: text/xml
It's worth noting that the payload has nothing to do with AJAX!Under the hood they are all using the XmlHttpRequestobject to send an HTTP request asynchronously to the server. It doesn't matter if you send Plain Text, JSON, XML, or even raw binary data so long as you tell the server how to interpret those bits.
值得注意的是payload与AJAX无关!在幕后,他们都使用XmlHttpRequest对象向服务器异步发送 HTTP 请求。只要您告诉服务器如何解释这些位,发送纯文本、JSON、XML 甚至原始二进制数据都没有关系。
The url encoding is purely a historical artifact of how <form>elements posted their data to the server before AJAX was around.
url 编码纯粹是<form>AJAX 出现之前元素如何将其数据发布到服务器的历史产物。
回答by Matthew
Josh's answer is good, but I think it's missing something. Traditionally form data was posted using the same format as querystrings. eg: param1=value1¶m2=value2and the only difference between a GET and POST is that POST puts these parameters in the message body whereas a GET puts them in the URL. However, the obvious problem is that if your parameter names or values include unescaped characters like &and =, then you'll screw up the server's ability to automatically parse the parameter collection, resulting in corruption of the data. Using Javascript's encodeURIComponent()function on each parameter value will escape all these characters for you.
乔希的回答很好,但我认为它缺少一些东西。传统上,表单数据使用与查询字符串相同的格式发布。例如:param1=value1¶m2=value2GET 和 POST 之间的唯一区别是 POST 将这些参数放在消息正文中,而 GET 将它们放在 URL 中。然而,显而易见的问题是,如果您的参数名称或值包含像&and 之类的未转义字符=,那么您将破坏服务器自动解析参数集合的能力,从而导致数据损坏。encodeURIComponent()在每个参数值上使用 Javascript 的函数将为您转义所有这些字符。
So bottom line: if you are not using the old standard parameter collection on the server side--for example, if you are parsing JSON instead--then there's no need to URL encode the text. Also, there's no reason to URL encode if you aren't parsing out multiple parameters on the server side so running encodeURIComponentonce on the entire message body makes no sense.
所以最重要的是:如果您没有在服务器端使用旧的标准参数集合——例如,如果您正在解析 JSON——那么就不需要对文本进行 URL 编码。此外,如果您不在服务器端解析多个参数,则没有理由进行 URL 编码,因此encodeURIComponent在整个消息正文上运行一次是没有意义的。
Side note: if you are using asp.net and trying to let users pass html to the server, encodeURIComponentwill let you do this without disabling the request validation that normally prohibits this. I don't think sending it as JSON, alone, would accomplish this.
旁注:如果您正在使用 asp.net 并试图让用户将 html 传递到服务器,encodeURIComponent将让您在不禁用通常禁止此操作的请求验证的情况下执行此操作。我不认为单独将它作为 JSON 发送会实现这一点。
回答by cocco
encodeURIComponentis to pass variables over links using GET
encodeURIComponent是通过链接传递变量使用 GET
JSON.stringify()encodes automatically into utf8
JSON.stringify()自动编码为 utf8
only in some rare cases for example when you want to convert strange charachters to base64 the encodeURIComponentis used outside from GET.
仅在极少数情况下,例如当您想将奇怪的字符转换为 base64 时,encodeURIComponent才会在 GET 之外使用。
here is an example
这是一个例子
base64_encode=function(a){
return window.btoa(unescape(encodeURIComponent(a)));
};
https://developer.mozilla.org/en-US/docs/Web/API/window.btoa
https://developer.mozilla.org/en-US/docs/Web/API/window.btoa
said that ..
说..
if you use a REST APIservice everyajax GET requestwhich is a string parameter needs to be encoded with encodeURIComponent.
如果您使用REST API的服务每ajax GET request这是一个字符串参数需要被编码encodeURIComponent。
here is an example using yql
这是一个使用 yql 的例子
回答by Rene Pot
No they do not. There is no need for it when it is send as data through AjaxPOST.
不,他们没有。当它通过AjaxPOST作为数据发送时不需要它。
You can send pure JSON unencoded using AJAX
您可以使用 AJAX 发送未编码的纯 JSON
var ajaxObject = $.ajax({
url: 'url',
type: 'POST',
data: JSON.stringify(object_literal);
});
