I'm storing multiple information in cookies in j开发者_StackOverflowavascript. The information pieces are separated by a "+" sign, like document.cookie ='cookie1'+'='+inf1+'+'+inf2
.
But when I'm echoing out these cookies from PHP, the separating "+" sign is replaced with a space.
I've tried to echo with addslashes, didn't work. When I'm alerting the the cookie from JS it's alright, it shows the separating "+" sign.
Anyone out there knows a solution for this?
That’s weird — there is no specification that states a cookie should be treated as application/x-www-form-urlencoded:
Netscape’s original draft stated:
NAME=VALUE
This string is a sequence of characters excluding semi-colon, comma and white space. If there is a need to place such data in the name or value, some encoding method such as URL style
%XX
encoding is recommended, though no encoding is defined or required.So this is the plain percent-encoding.
RFC 2109 states:
cookie = NAME "=" VALUE *(";" cookie-av) NAME = attr VALUE = value
Where attr and value are specified as:
attr = token value = word word = token | quoted-string
And token and quoted-string are specified in HTTP/1.1 and can be represented by these regular expressions respectively:
[!#$%&'*+\-.0-9A-Za-z^_`|~]+ "([ \x21\x23-\x7E\x80-\xFF]|(\r\n)?[ \t]+|\\[\x00-\x7F])*"
So this isn’t application/x-www-form-urlencoded either but a different format preferred by HTTP-based extensions.
RFC 2965 doesn’t specify anything different than RFC 2109 regarding the cookie syntax:
cookie = NAME "=" VALUE *(";" set-cookie-av) NAME = attr VALUE = value
Thus the +
, that is only is replaced in application/x-www-form-urlencoded, should not be replaced by a space in cookies. So this is a wrong behavior by PHP.
I know it's not new issue, but for those, who also runs to this problem, here's my solution:
To solve this error use escaped characters instead!
At http://www.w3schools.com/jsref/jsref_escape.asp it says:
This function encodes special characters, with the exception of: * @ - _ + . /
So it means you can insert these characters to the cookie, but won't be able to retrieve through PHP. PHP just and only accepts escaped ASCII chars like '%2B' for '+' '%2A' for '*' etc. Check the Hx column here: http://www.asciitable.com/
So how i solved it (quick and dirty) is that i tried to insert escaped data to the cookie:
function setCookie(c_name,value,exdays){
var exdate=new Date();
var n_value = escape(value).replace(/[+]/g,"%2B").replace(/[*]/g,"%2A").replace(/[@]/g,"%40").replace(/[-]/g,"%2D").replace(/[_]/g,"%5F").replace(/[.]/g,"%2E").replace(/[/]/g,"%2F");
exdate.setDate(exdate.getDate() + exdays);
var c_value = n_value + ((exdays==null) ? "" : "; expires="+exdate.toUTCString());
document.cookie=c_name + "=" + c_value;
}
this escapes the rest of the characters, then replace the exceptions ( +-_@*./ ). It's dirty and I'm pretty sure it can be done someway else, like regexp...etc, but it works for now.
Try it, you'll be satisfied with it!
You could replace +
with it's url code %2B
.
document.cookie = 'cookie1' + '=' + inf1 + '%2B' + inf2;
You should also encode inf1
and inf2
if they might contain unencoded strings (if they're numbers, it's fine). Just search google for "JavaScript urlencode"
精彩评论