Rails: Plus sign in GET-Request replaced by space
That's normal URL encoding, the plus sign is a shorthand for a space:
Within the query string, the plus sign is reserved as shorthand notation for a space. Therefore, real plus signs must be encoded. This method was used to make query URIs easier to pass in systems which did not allow spaces.
And from the HTML5 standard:
The character is a U+0020 SPACE character
Replace the character with a single U+002B PLUS SIGN character (+).
When should space be encoded to plus (+) or %20?
+
means a space only in application/x-www-form-urlencoded
content, such as the query part of a URL:
http://www.example.com/path/foo+bar/path?query+name=query+value
In this URL, the parameter name is query name
with a space and the value is query value
with a space, but the folder name in the path is literally foo+bar
, not foo bar
.
%20
is a valid way to encode a space in either of these contexts. So if you need to URL-encode a string for inclusion in part of a URL, it is always safe to replace spaces with %20
and pluses with %2B
. This is what, e.g., encodeURIComponent()
does in JavaScript. Unfortunately it's not what urlencode does in PHP (rawurlencode is safer).
See Also
HTML 4.01 Specification application/x-www-form-urlencoded
Request Parameter Losing Plus Sign
+
means "space" in URLs. Replace it with %2B
. You could do this just after composing descriptionsUrlAddition
, for example.
descriptionsUrlAddition = descriptionsUrlAddition.replace("+", "%2B");
How to get params for url with whitespace as '%20' instead of '+' in Rails
I would recommend just sticking to the use of a gsub
, perhaps with a comment to explain the need for such behaviour.
While you could solve the problem by use of URI.escape
, it is supposedly deprecated, as it does not fully conform to RFC specs. See here for a great write-up on it.
Hash#to_param
is an alias of Hash#to_query
, which calls Object#to_query
. The simplest example to demonstrate this +
vs %20
issue is:
'John Key'.to_query(:name) # => "name=John+Key"
The implementation of Object#to_query
is:
def to_query(key)
"#{CGI.escape(key.to_param)}=#{CGI.escape(to_param.to_s)}"
end
And so, we find that:
CGI.escape("John Key") # => "John+Key"
Hence, this is why I have referenced the differences between CGI.escape
and URI.escape
.
How to have + in named routes in ruby on rails?
You can't 'simply' do this, you must URL encode it but in this way this will not be accomplished anyway.
Explanation here
My app cannot load some images from the server
Looks like you're not properly encoding your image names in the src
attribute. I'd guess that you have a file with a name like this:
http:--www.urbandictionary.com-define.php?term=slim%20shady.jpg
But when you have this:
src="/images/image_site/http:--www.urbandictionary.com-define.php?term=slim%20shady.jpg?1309465379"
The filename looks like this:
/images/image_site/http:--www.urbandictionary.com-define.php
because everything after the first ?
is considered to be part of the query string.
Replacing the slashes with hyphens is not good enough, you're still leaving all sorts of holes for confusion and nefarious intent. Instead, you should generate the image file names completely, something like id.jpg
where id
is the image's ID in your database. Then, store the original filename in your database and only show that filename (properly encoded!) to people, don't use it in your local file system.
A quick fix would be to properly URL encode your src
attributes. But you really should fix up how you handle the images or you will leave yourself open to all sorts of trouble.
ajax - Why jquery replaces + with a space ( )?
In some GET
and POST
requests (most likely in the URL, or via a form), spaces are encoded as "+" (plus) symbols before they are passed to the server. You can see this behaviour if you do a normal GET
request - you will see something like google.com?q=test+example
If you want to pass a plus symbol via an ajax GET/POST request, you need to "urlencode" it. The URL encoded value for +
is %2B
.
Also note:
The javascript encodeURIComponent() function can be used, as answered in:
AJAX POST and Plus Sign ( + ) -- How to Encode?
Related Topics
Find Classes Available in a Module
What Is the Best/How to Validate an Email Address in Ruby
How to Make a Ruby String Safe for a Filesystem
Why Does Ruby on Rails Use Http://0.0.0.0:3000 Instead of Http://Localhost:3000
Are There Something Like Python Generators in Ruby
How to Do Basic Authentication with Restclient
Using Helpers in Rails 3 to Output HTML
How to Use Jquery-Tokeninput and Acts-As-Taggable-On
Fastest Way to Check If a String Matches a Regexp in Ruby
Preferred Ruby Plugin for Eclipse
Prepend a Single Line to File with Ruby
Establish a Connection to Another Database Only in a Block
Is There a Way Rails 3.0.X Can Default to Using Thin
Rmagick Remove White Background from Image and Make It Transparent
Ruby Dynamic Classes. How to Fix "Warning: Class Variable Access from Toplevel"