Meta refresh with semicolon

Question

I have semicolon as query string separator in my urls instead of and (&).
My problem is that when I try to do a meta refresh to a url with semicolon in query string it will translate it to %253b instead. So when forwarded, I can't read the query string parameters as the separator is not there anymore. example:

http://domain.com/?foo=1;bar=2

becomes:

http://domain.com?foo=1%253bbar=2

How can I solve this, so it doesn't translate the semicolon when doing a meta refresh?

Grateful for any help!

Do you have a server-side language to work with? [PHP has `urldecode()`](http://www.php.net/manual/en/function.urldecode.php), for example, that can deal with this. — David Thomas, Feb 26 '11 at 00:35
Please consider using rawurlencode() and rawurldecode(), which correctly follow the related standards. — danorton, Sep 14 '11 at 02:48

krtek · Answer 1 · 2011-09-14T01:58:15.590

2

UPDATE

As pointed in the comments, ; is a valid character for an url which is reserved for a purpose not specified in the RFC. Like pointed by danorton in its own answer, the problem seems to be a double encoding of the URL.

As it is, it is impossible to provide a solution without more information about the environment and the exact situation when the problem occurs.

However, like stated in my previous wrong answer, I stay on my position concerning the use of & as a separator. Using something else is asking for problems in my opinion.

my "wrong" answer

I don't think ; is a valid character for an url, so it seems normal to me that it get encoded. There's a reason & is used, why do you want to change that ?

Doing something like this is asking for problems. It's already pretty hard to get things working on all the browsers and OSes combination, why makes things even harder ?

If you want to stick with this and you're using PHP, have a look at urlencode() and parse-url()

edited Sep 14 '11 at 01:58

answered Feb 26 '11 at 01:55

krtek

26,334
5
56
84

2

That's correct, the semi-colon is a reserved character. You cannot use it. Jason, you are lucky the browser is fixing it for you instead of just nuking it. http://www.blooberry.com/indexdot/html/topics/urlencoding.htm – Brad Feb 26 '11 at 02:07
Wrong, the semicolon is *not* reserved in a URL query string and, in fact, is the *recommended* separator in place of the ampersand because the semicolon is also not a reserved character in HTML. – danorton Sep 14 '11 at 01:29
@danorton Recommended by whom? – sdleihssirhc Sep 14 '11 at 01:49
1

After reading the [RFC](http://www.rfc-editor.org/rfc/rfc1738.txt), `;` is a reserved character, as in reserved to be used like `&` and others. I was wrong about that... But whom is recommending to use `;` also interests me, do you have any source for this @danorton ? – krtek Sep 14 '11 at 01:54
Reviewing my notes, the recommendations were actually informal in RFC and W3 discussions. The reasoning is that the ampersand is considerably more problematic and more often than not is improperly encoded within a URL embedded in HTML. (Browser kits have hacks in them to account for this extremely common coding error.) – danorton Sep 14 '11 at 02:21
Also, please nuke the seriously problematic urlencode(), in favor of rawurlencode(). For the record, a query string within a URL can have just about any unencoded graphic ASCII character with the exception of percent (%) and pound/hash (#). From there, there’s a lot of underlying code that follows various conventions and standards. PHP will work fine with either the ampersand or semicolon, but defaults to the ampersand. See arg_separator.input and arg_separator.output for details. – danorton Sep 14 '11 at 02:43

danorton · Answer 2 · 2011-09-14T01:45:03.063

The problem is that the query string is being encoded twice, when it needn’t be encoded at all. This is probably because the code that encodes and decodes the query string (which you don’t mention) is expecting the traditional ampersand (&) query string separator and feels free to encode everything else.

Original: foo=1;bar=2

1st encoding (semicolon → %3B): foo=1%3bbar=2

2nd encoding (percent → %25): foo=1%253bbar=2

score 1 · Answer 3 · edited Oct 07 '21 at 06:11

Using single quotes for the url will fix the issue.

<meta http-equiv="refresh" content="0;URL='http://domain.com/?foo=1;bar=2'">

Most browsers (Firefox, Chrome, Safari, Opera) will probably redirect to the full url atm without the quotes, but Internet Explorer (IE10 too) will discard the part after the second semicolon without the single quotes.

Uri Syntax RFC3986

Semicolon as separator: https://www.rfc-editor.org/rfc/rfc3986#section-3.3
Reserved characters: https://www.rfc-editor.org/rfc/rfc3986#appendix-A

: / ? # [ ] @ ! $ & ' ( ) * + , ; =

W3C-Recommendation

Using meta refresh: http://www.w3.org/TR/WCAG20-TECHS/H76.html
";" instead of "&": http://www.w3.org/TR/1999/REC-html401-19991224/appendix/notes.html#h-B.2.2

Meta refresh with semicolon

3 Answers3

UPDATE

my "wrong" answer

Linked