Referencia de JavaScript 1.5:Funciones globales:encodeURIComponent
De MDC
Tabla de contenidos |
[editar] Summary
Core Function
Encodes a Uniform Resource Identifier (URI) component by replacing each instance of certain characters by one, two, or three escape sequences representing the UTF-8 encoding of the character.
[editar] Syntax
encodeURIComponent(String)
[editar] Parameters
-
String - A component of a Uniform Resource Identifier.
[editar] Description
encodeURIComponent escapes all characters except the following: alphabetic, decimal digits, - _ . ! ~ * ' ( )
For security reasons, you should call encodeURIComponent on any user-entered parameters that will be passed as part of a URI. For example, a user could type "Thyme &time=again" for a variable comment. Not using encodeURIComponent on this variable will give comment=Thyme%20&time=again. Note that the ampersand and the equal sign mark a new key and value pair. So instead of having a POST comment key equal to "Thyme &time=again", you have two POST keys, one equal to "Thyme " and another (time) equal to again. This is super, super, super dangerous if you are using PHP with register_globals turned on.