2669 2006-01-06 14:44:40 +0000 URL encoding in JavaScript/PHP 2006-01-06 15:38:45 +0000 1 1 1 Unclassified Validator Parser HEAD PC Windows 2000 RESOLVED INVALID http://bungalan.nl/test.php P2 normal --- 1 info link www-validator-cvs oldest_to_newest 7672 0 info 2006-01-06 14:44:40 +0000 Hello, the following has kept me busy for some time. While validating pages I've noticed a problem with URLs in JavaScript. I'm supposed to encode all & into &amp; in a page and in <A> tags. The validator requires me to encode strings in JavaScript also. But this will cause trouble for PHP script. I've created a sample (/simple) page that demonstrates the issue: ---------------------------------------------------------------------- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Language" content="en" /> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Validator test</title> <script language="JavaScript" type="text/javascript"> function openLink() { window.location.href = '<?php echo $_SERVER['SCRIPT_NAME']; ?>?a=1&amp;b=2'; } </script> </head> <body> <a href="<?php echo $_SERVER['SCRIPT_NAME']; ?>?a=1&amp;b=2">open via link</a><br /><br /> <form method="post" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>?a=1&amp;b=2"> <input type="submit" value="open via form" /><br /><br /> </form> <input type="button" value="open via jscript" onclick="openLink()" /><br /><br /> <pre><?php // show submitted vars var_dump($_REQUEST); ?></pre> </body> </html> ---------------------------------------------------------------------- The link and form methods will correctly output: array(2) { ["a"]=> string(1) "1" ["b"]=> string(1) "2" } The JavaScript method however will output: array(2) { ["a"]=> string(1) "1" ["amp;b"]=> string(1) "2" } So with the JS method it seems the URL isn't decoded. I'm wondering what the problem is... a) It's not required to encode JS strings, and the validator incorrectly checks them; b) PHP isn't decoding for some reason; c) the browser doesn't handle the string as it should (tested with latest MS IE and Mozilla FF); d) I'm all wrong and there is a better way to do what I want. Would be nice to hear what other people think. Regards, Willem 7674 1 bjoern 2006-01-06 14:57:57 +0000 Your XHTML is probably parsed as HTML; XHTML and HTML define different requirements for parsing <script> elements, in HTML escapes such as &amp; will not be decoded, in XHTML they would; use the application/xhtml+xml media type for such XHTML documents, external scripts, or one of the <![CDATA[]]> escaping methods you'll find all over the web to solve this. See the www-validator mailing list archives for details. 7677 2 info 2006-01-06 15:38:45 +0000 Hi, setting the header did the trick, thanks! <?php header('Content-Type: application/xhtml+xml'); ?> Willem