0

I want to replace all the (deprecated) escape() and unescape() calls in our Javascript code with encodeURIComponent, decodeURICompnent or/and encodeURI, decodeURI.

The problem is, that our customers might have strings in their databases, which are already encoded by the deprecate "escape()"-Function, which might not be decoded correctly.

I guess many developers already had to deal with that problem.

One solution would be an update script, but I think there might be other approaches as well.

Any recommendations?

Best regards.

finnk
  • 123
  • 1
  • 1
  • 12
  • 1
    Unless it's Node, why were you even using Javascript to escape strings before database insertion in the first place? That sounds extremely unsafe and begging for a situation like this. Not to mention browsers might have slightly different implementations of it. – Amunium Apr 12 '19 at 07:47
  • Yes, I know. I never implemented that behaviour... – finnk Apr 12 '19 at 12:08
  • Well then maybe you should take this opportunity to fix that now, instead of switching from one basically useless measure to a different basically useless measure. – 04FS Apr 12 '19 at 12:13
  • ??? I want to fix it. That 's why I'm doing this post... Don't you see my problem? Customers stored strings in their DB with the deprecated escape(). I want to get rid of it. What's your suggestion? – finnk Apr 15 '19 at 05:14

0 Answers0