Encoding and decoding issues of `<script>` characters using decodeURIComponent and encodeURIComponent
TongKings opened this issue · comments
The following cases were tested:
decodeURIComponent(encodeURIComponent("<script>"));
output: '\x3Cscript>'
But I used other cases and didn't get this problem.
PS: We can eliminate this problem using dual encoding and decoding,as follows:
const str = "<script>";
const encodedStr = encodeURIComponent(encodeURIComponent(str));
const decodedStr = decodeURIComponent(decodeURIComponent(encodedStr));
console.log(decodedStr);
output: "<script>"
Is this a legacy issue?
What problem exactly?
I don't get that in my browser - i get decodeURIComponent(encodeURIComponent('<script>')) === '<script>'
.
What do Function.prototype.toString.call(decodeURIComponent)
and Function.prototype.toString.call(encodeURIComponent)
output?
This looks like an issue with Chrome dev-tools.
decodeURIComponent(encodeURIComponent('<script>')) === '<script>'
is true
in my chrome dev tools, but i do indeed see that the output is escaped on display.
I'll close this then, since it's a chrome-specific bug that should be filed there.
decodeURIComponent(encodeURIComponent('<script>')) === '<script>'
ok,Thank you for your answer