duanbei7035
2010-01-07 23:59
浏览 346
已采纳

PHP:urlencode()是一种在URL中允许有效UTF-8字符串的安全方法吗?

I have user submitted tags that can be any type of (valid) UTF-8 string. I want to know if it is safe to include them in the URL merly by running them through urlencode().

In other words, is urlencode() safe to use for valid UTF-8 strings? (by valid I mean id have already force-encoded them to UTF-8)

图片转代码服务由CSDN问答提供 功能建议

我有用户提交的标签,可以是任何类型的(有效)UTF-8字符串。 我想知道通过 urlencode()运行它们是否可以安全地将它们包含在URL中。

换句话说,urlencode()是否安全 用于有效的UTF-8字符串? (通过有效我的意思是id已经强制编码为UTF-8)

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

3条回答 默认 最新

  • doz97171 2010-04-23 16:50
    最佳回答

    urlencode does not depend on a specific character encoding. It just looks at the bytes, interprets them as ASCII characters and replaces any byte that is either not allowed in ASCII (0x80–0xFF) or not allowed in plain in a URL.

    Now to your question: Yes, using urlencode does encode any string in any character encoding to be safely used – but only in the URL query! Because urlencode formats the input according to application/x-www-form-urlencoded that differs from the “normal” percent encoding in how the space is encoded: In application/x-www-form-urlencoded spaces are replaced by + while the “normal” percent encoding replaces them by %20.

    If you want to “normal” percent encoding use rawurlencode instead.

    评论
    解决 无用
    打赏 举报
查看更多回答(2条)

相关推荐 更多相似问题