apache URL 中是否允许使用方括号?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/40568/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Are square brackets permitted in URLs?
提问by Benedikt Waldvogel
Are square brackets in URLs allowed?
URL 中是否允许使用方括号?
I noticed that Apache commons HttpClient(3.0.1) throws an IOException, wget and Firefox however accept square brackets.
我注意到Apache commons HttpClient(3.0.1) 抛出 IOException,wget 和 Firefox 但是接受方括号。
URL example:
网址示例:
http://example.com/path/to/file[3].html
My HTTP client encounters such URLs but I'm not sure whether to patch the code or to throw an exception (as it actually should be).
我的 HTTP 客户端遇到这样的 URL,但我不确定是修补代码还是抛出异常(实际上应该如此)。
回答by Justin Cormack
RFC 3986states
RFC 3986状态
A host identified by an Internet Protocol literal address, version 6 [RFC3513] or later, is distinguished by enclosing the IP literal within square brackets ("[" and "]"). This is the only place where square bracket characters are allowed in the URI syntax.
由 Internet 协议文本地址(版本 6 [RFC3513] 或更高版本)标识的主机通过将 IP 文本括在方括号(“[”和“]”)中来区分。这是 URI 语法中唯一允许使用方括号字符的地方。
So you should not be seeing such URI's in the wild in theory, as they should arrive encoded.
所以理论上你不应该看到这样的 URI,因为它们应该是经过编码的。
回答by MM.
I know this question is a bit old, but I just wanted to note that PHP uses brackets to pass arrays in a URL.
我知道这个问题有点老了,但我只想注意 PHP 使用方括号在 URL 中传递数组。
http://www.example.com/foo.php?bar[]=1&bar[]=2&bar[]=3
In this case $_GET['bar']will contain array(1, 2, 3).
在这种情况下$_GET['bar']将包含array(1, 2, 3).
回答by Lee
Any browser or web-enabled software that accepts URLs and is not throwing an exception when special characters are introduced is almost guaranteed to be encoding the special characters behind the scenes. Curly brackets, square brackets, spaces, etc all have special encoded ways of representing them so as not to produce conflicts. As per the previous answers, the safest way to deal with these is to URL-encode them before handing them off to something that will try to resolve the URL.
任何接受 URL 并且在引入特殊字符时不会抛出异常的浏览器或支持 Web 的软件几乎都可以保证在幕后对特殊字符进行编码。大括号、方括号、空格等都有特殊的编码方式来表示它们,以免产生冲突。根据之前的答案,处理这些问题的最安全方法是先对它们进行 URL 编码,然后再将它们交给尝试解析 URL 的东西。
回答by olibre
Square brackets [and ]in URLs are not often supported.
通常不支持方括号[和]in URL。
Replace them by %5Band %5D:
将它们替换为%5B和%5D:
Using a command line, the following example is based on
bashandsed:url='http://example.com?day=[0-3][0-9]' encoded_url="$( sed 's/\[/%5B/g;s/]/%5D/g' <<< "$url")"Using Java
URLEncoder.encode(String s, String enc)Using PHP
rawurlencode()orurlencode()<?php echo '<a href="http://example.com/day/', rawurlencode('[0-3][0-9]'), '">'; ?>output:
<a href="http://example.com/day/%5B0-3%5D%5B0-9%5D">or:
<?php $query_string = 'day=' . urlencode('[0-3][0-9]') . '&month=' . urlencode('[0-1][0-9]'); echo '<a href="http://example.com?', htmlentities($query_string), '">'; ?>Using your favorite programming language... Please extend this answer by posting a comment or editing directly this answer to add the function you use from your programming language ;-)
使用命令行,以下示例基于
bash和sed:url='http://example.com?day=[0-3][0-9]' encoded_url="$( sed 's/\[/%5B/g;s/]/%5D/g' <<< "$url")"使用 PHP
rawurlencode()或urlencode()<?php echo '<a href="http://example.com/day/', rawurlencode('[0-3][0-9]'), '">'; ?>输出:
<a href="http://example.com/day/%5B0-3%5D%5B0-9%5D">或者:
<?php $query_string = 'day=' . urlencode('[0-3][0-9]') . '&month=' . urlencode('[0-1][0-9]'); echo '<a href="http://example.com?', htmlentities($query_string), '">'; ?>使用您最喜欢的编程语言...请通过发表评论或直接编辑此答案来扩展此答案,以添加您在编程语言中使用的功能;-)
For more details, see the RFC 3986specifying the URL syntax. The Appendix Ais about %-encodingin the query string (brackets as belonging to “gen-delims”to be %-encoded).
有关更多详细信息,请参阅指定 URL 语法的RFC 3986。的附录A是关于%-encoding在查询字符串(括号为属于“GEN-delims”是%-encoded)。
回答by 1729
Pretty much the only characters not allowed in pathnames are # and ? as they signify the end of the path.
几乎唯一不允许出现在路径名中的字符是 # 和 ? 因为它们象征着道路的尽头。
The uri rfc will have the definative answer:
uri rfc 将有明确的答案:
http://www.ietf.org/rfc/rfc1738.txt
http://www.ietf.org/rfc/rfc1738.txt
Unsafe:
Characters can be unsafe for a number of reasons. The space character is unsafe because significant spaces may disappear and insignificant spaces may be introduced when URLs are transcribed or typeset or subjected to the treatment of word-processing programs. The characters "<" and ">" are unsafe because they are used as the delimiters around URLs in free text; the quote mark (""") is used to delimit URLs in some systems. The character "#" is unsafe and should always be encoded because it is used in World Wide Web and in other systems to delimit a URL from a fragment/anchor identifier that might follow it. The character "%" is unsafe because it is used for encodings of other characters. Other characters are unsafe because gateways and other transport agents are known to sometimes modify such characters. These characters are "{", "}", "|", "\", "^", "~", "[", "]", and "`".
All unsafe characters must always be encoded within a URL. For example, the character "#" must be encoded within URLs even in systems that do not normally deal with fragment or anchor identifiers, so that if the URL is copied into another system that does use them, it will not be necessary to change the URL encoding.
不安全:
出于多种原因,字符可能不安全。空格字符是不安全的,因为当 URL 被转录或排版或经受文字处理程序的处理时,重要的空格可能会消失,并且可能会引入不重要的空格。字符“<”和“>”是不安全的,因为它们被用作自由文本中 URL 的分隔符;引号 (""") 用于在某些系统中分隔 URL。字符“#”是不安全的,应始终进行编码,因为它在万维网和其他系统中用于从片段/锚点分隔 URL可能跟在它后面的标识符。字符“%”是不安全的,因为它用于其他字符的编码。其他字符是不安全的,因为网关和其他传输代理有时会修改这些字符。这些字符是“{”、“}”、“|”、“\”、“^”、“~”、“[”、“]”和“`”。
所有不安全的字符必须始终在 URL 中编码。例如,即使在通常不处理片段或锚标识符的系统中,字符“#”也必须在 URL 中编码,这样如果 URL 被复制到另一个使用它们的系统中,则无需更改网址编码。
The answer is that they shouldbe hex encoded, but knowing postel's law, most things will accept them verbatim.
答案是它们应该是十六进制编码的,但是知道 postel 定律,大多数事情都会逐字接受它们。
回答by Casebash
StackOverflow seems to not encode them:
StackOverflow 似乎没有对它们进行编码:
回答by rjray
For using the HttpClient commons class, you want to look into the org.apache.commons.httpclient.util.URIUtil class, specifically the encode() method. Use it to URI-encode the URL before trying to fetch it.
要使用 HttpClient 公共类,您需要查看 org.apache.commons.httpclient.util.URIUtil 类,特别是 encode() 方法。在尝试获取 URL 之前,使用它对 URL 进行 URI 编码。
回答by 17 of 26
According to the URL specification, the square brackets are not valid URL characters.
根据URL 规范,方括号不是有效的 URL 字符。
Here's the relevant snippets:
这是相关的片段:
The "national" and "punctuation" characters do not appear in any productions and therefore may not appear in URLs.
national { | } | vline | [ | ] | \ | ^ | ~
punctuation < | >
“国家”和“标点”字符不会出现在任何作品中,因此可能不会出现在 URL 中。
国家 { | } | 线| [ | ] | \ | ^ | ~
标点符号 < | >
回答by Ben Scheirman
Best to URL encode those, as they are clearly not supported in all web servers. Sometimes, even when there is a standard, not everyone follows it.
最好对这些进行 URL 编码,因为显然并非所有 Web 服务器都支持它们。有时,即使有标准,也不是每个人都遵守。
回答by sixtytrees
Square brackets are considered unsafe, but majority of browsers will parse those correctly. Having said that it is better to replace square brackets with some other characters.
方括号被认为是不安全的,但大多数浏览器会正确解析它们。话虽如此,最好用其他一些字符替换方括号。
