escape
对字符串进行编码,生成新的由十六进制unicode码替换的字符串.该方法不会对ASCII字母、数字和* @ - _ + . / 。编码,其他所有的字符都会被unicode码替换.编码出来的值如果小于等于0xFF,将会用%xx表示 xx <= 0xFF => %xx;如果大于则用%uxxxx表示xx > 0xFF => %uxxxx
解码则采用 unescape
该特性已经从Web标准中删除,但是一些浏览器仍然支持它.
URLs are sequences of characters, i.e., letters, digits, and special characters. ...The interpretation of a URL depends only on the identity of the characters used. In addition, octets may be encoded by a character triplet consisting of the character "%" followed by the two hexadecimal digits (from"0123456789ABCDEF") which forming the hexadecimal value of the octet.
encodeURI
encodeURI函数通过将特定字符的每个实例替换为一个、两个、三或四转义序列(% + 两位16进制数字)来对URI进行编码
encodeURI(URI) => 一个新的字符串,
encodeURI除了; , / ? : @ & = + $(保留字符)、字母 数字 - _ . ! ~ * ' ( )(非转义字符)、#(数字符号)会替换所有字符.
注意:encodeURI自身无法产生能够适用于HTTP GET或POST请求的URI,因为& + = 不会被编码,而在GET和POST请求中,这些属于特殊字符,
解码采用decodeURI
encodeURIComponent
encodeURIComponent函数通过将一个、两个,三个或者四个表示字符的utf-8编码的转义序列(% + 两位16进制数字)替换某些字符的每个序列来编码URI.(对于两个“代理”字符组成的字符而言,将尽是4个转义序列)
encodeURIComponent(URI) => 一个新的字符串
encodeURIComponent除了字母 数字 - _ . ! ~ * ' ( )(非转义字符)之外转义所有字符.
为了避免服务器收到不可预知的请求,对任何用户输入的作为URI部分的内容都需要使用encodeURIComponent进行转义
解码采用decodeURIComponent
直接由浏览器发起的请求,encodeURI或者encodeURIComponent转义后的字符串的编码格式由网页编码决定 而js调用的ajax请求中,IE上转义后采用的gb2312,Firefox采用的是utf-8
URLs are written only with the graphic printable characters of the US-ASCII coded character set. The octets 80-FF hexadecimal are not used in US-ASCII, and the octets 00-1F and 7F hexadecimal represent control characters; these must be encoded. Characters can be unsafe for a number of reasons. The space character is unsafe because significant spaces may disappear and insignificant spaces may be introduced when URLs are transcribed or typeset or subjected to the treatment of word-processing programs.The characters "<" and ">" are unsafe because they are used as the delimiters around URLs in free text; the quote mark (""") is used to delimit URLs in some systems. The character "#" is unsafe and should always be encoded because it is used in World Wide Web and in other systems to delimit a URL from a fragment/anchor identifier that might follow it. The character "%" is unsafe because it is used for encodings of other characters. Other characters are unsafe because gateways and other transport agents are known to sometimes modify such characters. These characters are "{", "}", "|", "", "^", "~", "[", "]", and "`". Many URL schemes reserve certain characters for a special meaning: their appearance in the scheme-specific part of the URL has a designated semantics. If the character corresponding to an octet is reserved in a scheme, the octet must be encoded. The characters ";", "/", "?", ":", "@", "=" and "&" are the characters which may be reserved for special meaning within a scheme. No other characters may be reserved within a scheme. Usually a URL has the same interpretation when an octet is represented by a character and when it encoded. However, this is not true for reserved characters: encoding a character reserved for a particular scheme may change the semantics of a URL. Thus, only alphanumerics, the special characters "$-_.+!*'(),", and reserved characters used for their reserved purposes may be used unencoded within a URL. RFC1738
