3

I am working on a project that I need to pass a string as a url variable. The issue I am haveing is when the strings are being pulled from a database, and contain characters that have to be encoded. When decoding on the other side they drop off after characters like & and +

I can get it to encode and decode properly if I set the string manually... is there a fix or am I doing something wrong.

So for instance If on my encoding page I enter this:

<a href="javascript:ColdFusion.navigate('/jobs/jobTypes.cfm?desc=#encodeForUrl(jobList.list_desc)#', 'center')">Type |</a>

joblist.list_desc is pulling the desc from a cfc that gets the description of a job type and lets say that the description its pulling is "Excavation & Plumbing"

And My recieving page is set up like this:

<cfoutput>
    <table>
         <tr>
            <td width="60%" valign="top" class="subpagetitle">
                 #decodeFromUrl(url.desc)#
            </td>
         </tr>
    </table>
</cfoutput>

It just outputs "Excavation "

Now if I set the string manually like this:

<a href="javascript:ColdFusion.navigate('/jobs/jobTypes.cfm?desc=#encodeForUrl(Excavation & Plumbing)#', 'center')">Type |</a>

Then the url will decode that and out put it like it should be. "Excavation & Plumbing"

If I have it pull a description with out the & in the description it works fine. It will encode and decode spaces, - _ '" all kinds of symbols... I only have this issue when someone has saved a description with the + and & and only when it pulls from the database.

Nick Pittman
  • 31
  • 2
  • What database are you using? And what sort of encoding does it use? – Shawn Sep 19 '18 at 18:51
  • 4
    The values in the `url` scope are already decoded, so no need to `decodeFromUrl()`. Instead you should encode the output: `encodeForHtml(url.desc)` – Alex Sep 19 '18 at 19:23
  • 1
    View the rendered source code for your HTML output. What strings are shown for `#encodeForUrl(jobList.list_desc)#` and `#decodeFromUrl(url.desc)#`. I agree w/ @Alex regarding the user of `encodeForHTML()`. – Adrian J. Moreno Sep 19 '18 at 21:10
  • One other thing to keep in mind is that the `+` symbol has a special meaning in URLs and can sometimes be difficult to encode. It will come out as just a space. ColdFusion's `encodeFor...()` functions should be able to deal with that when used for the proper context. – Shawn Sep 19 '18 at 22:18
  • I was facing a similar issue. I was encoding a string containing the symbol "+" and it was encoded as `%2B`. I was using `urlDecode()` to decode the encoded query string param. But as @Alex mentioned the values in the `url` scope are already decoded so dropping the `urlDecode()` call resolved the issue. Thanks @Alex. – Saurabh Misra Dec 11 '20 at 09:25

0 Answers0