Locale-Sensitive JavaScript Method

decodeURI(string);


Internationalization (I18n) Method Overview

The decodeURI method decodes a URI (Uniform Resource Identifier) that has been encoded by calling encodeURI. decodeURI converts hexadecimal UTF-8 encoded values back to their display values, supporting all Unicode characters, even those outside the the Basic Multilingual Plane (BMP), which require two 16-bit values (or four UTF-8 hexadecimal values).

In the following example, the Chinese characters and spaces have been encoded with their hexadecimal UTF-8 values and are then decoded to their original values:

var str = "test.html?name=%E6%BC%A2One%20Two&name2=%F0%A0%80%90Three";
var result = decodeURI(str);

Method returns:

result: test.html?name1=漢One Two&name2=𠀐Three

Click here (w3schools) and here (MDN) for additional details.

I18n Issues

decodeURI and its correlated encodeURI does not handle special characters such as &, +, =. This is a problem for HTTP Get and Post requests, which will treat these as special characters. Therefore, if you have user text being passed as a parameter, and it contains any of these special characters, the HTTP request will interpret the URI incorrectly.

Suggested Replacement

To ensure that the URI is properly encoded to work in HTTP Get and Post requests, call encodeURIComponent. And then, to decode the URI, call decodeURIComponent.

Globalyzer will detect this method and report it as an i18n issue. If you have determined that the call is being handled correctly, you can use Globalyzer's Ignore Comment functionality to ensure that it isn't picked up in a subsequent scan.