Is encoding of the query string needed?

I see that Firefox does NOT enc开发者_如何学JAVAode an URL like http://www.mysite.com/foo?bar=10/12/2010 when it sends a GET request. I know that URLs must be encoded, so I expected to see Firefox requesting http://www.mysite.com/foo?bar=10%2F12%2F2010 (/ = %2F). I inspected the GET requests using Wireshark.

Should the query string in the url be escaped?

I use WebHarvest and I see that when I ask it to download a page with the http directive, an URL like the one above is encoded like I expected (%2F instead of "/").

The / is allowed in plain in the query of a URI:

query       = *( pchar / "/" / "?" )

Anything else must be encoded using the percent-encoding.

If, by escaped, you mean URL-encoded, the short answer is yes.

There are a number of characters that are normally encoded during URL encoding but could normally appear in the URL without problem.

But sometimes the potential problems are not always obvious. I would recommend URL encoding query arguments, and decoding them from your site. After all, if you decode too many times, that should not cause any problem.

Can't reproduce your problem.

<form>
    <input type="hidden" name="bar" value="10/12/2010">
    <input type="submit">
</form>

This displays the proper escape in address bar. Aren't you supplying this URL in an <a> element? Then you need to escape it in the HTML page yourself by either hardcoding it or utilizing the functions provided by the server side language.