Open martinheidegger opened 8 years ago
ljharb
commented
8 years ago It seems like that linked issue comes from querystring, not qs, but I'd certainly like to comply with RFC 3986.
A PR, with at least failing tests, would be very appreciated.
I may make this "bugfix" a breaking change, however, just to be safe.
vpanjganj
commented
7 years ago @ljharb can we just fix with something like this ? (it's on MDN doc for encodeURI)
function fixedEncodeURI (str) {
return encodeURI(str).replace(/%5B/g, '[').replace(/%5D/g, ']');
}@vpanjganj that's very unlikely to be the best solution, but i'd first need failing test cases to evaluate it.
dinoboff
commented
6 years ago I think #, [ and ] should be encoded in a query string; see RFC 3986 section 3:
unreserved = ALPHA / DIGIT / "-" / "." / "_" / "˜"
[...]
pct-encoded = "%" HEXDIG HEXDIG
[...]
sub-delims = "!" / "$" / "&" / "’" / "(" / ")" / "*" / "+" / "," / ";" / "="
[...]
pchar = unreserved / pct-encoded / sub-delims / ":" / "@"
[...]
query = *( pchar / "/" / "?" )Note that URLSearchParams encode all reserved chars but *:
const qs = new URLSearchParams();
qs.set('sub-delims', "!$%'()*+,;=");
qs.set('other', ":@");
console.assert(qs.toString() === "sub-delims=%21%24%25%27%28%29*%2B%2C%3B%3D&other=%3A%40")It's not because they are valid that they shouldn't be encoded.
ps: I don't think it's a bug, but a feature request.
stringifyis supposed to be implementing RFC 3986 but RFC 3986 specifies reserved characters as:However
$(as pointed out in request#2129) will be encoded as%24. I guess this is a bug?