URL parameter double encoding issue in IE 7 & 8
I have a problem with IE(7&8) browser's handling of security certificate errors. Our application needs to send out a secure link to the user's email, consisting of a randomly generated token which may have special characters. So before sending out, we encode the token. The sample URL would be like this:
localhost:8080/myapp?t=7f%26DX%243q9a
When the user opens this in IE, it gives the certificate error page. ("There is a problem with this website's security certificate.") The continue link ON that page re-encodes our token into something else:
localhost:8080/myapp?t=7f开发者_JAVA技巧%2526DX%25243q9a
(Thus the user would be sent to a slightly different URL than what we're expecting, as you can see.)
Here, you can see that the "%" s I'd sent get turned into "%25" s. how can I decode the token correctly after this?
Nasty!
If this is a reproducible bug and not funny behaviour caused by some character set issues or something - it doesn't look like it! - then I think your only way to work around it is to use an encoding method for the parameter that uses only letters and numbers, like base64.
精彩评论