Re: &-separator from a form

Greg Marr wrote:
> There is no need to URL-encode the ampersand.  It needs to be protected from
> the HTML parser, not the network layers.  URL encoding it will only help if you
> write your script to handle it, and isn't a general-purpose solution.  Using
> & instead of & will protect it from the HTML parser, which is all that is
> necessary.

The original poster wanted to include the ampersand as part of the value
of a name=value pair.  Since the ampersand is the name=value pair
seperator in html, it is necessary to url encode it if you want an
ampersand as part of the value.

If name: x and value: hello&goodbye the value must be encoded so the
ampersand is not lost and goodbye is not treated as a new argument.  I
believe this is what he was asking.  The only thing that & is good
for is for use in web pages.  It can not be used for encoding a url
because a) it contains the ampersand itself and b) it is translated to a
"&" before the form/url is queried.

If you want to have name=value&thisvalue as a name value pair, the
_only_ way to accomplish this is to say name=value%26thisvalue and then
decode it in your cgi program.

Kyle George

Received on Monday, 4 January 1999 03:08:20 UTC