Locale-Sensitive JavaScript Method
decodeURI(string);
Internationalization (I18n) Method Overview
The decodeURI method decodes a URI (Uniform Resource Identifier) that has been encoded by calling
encodeURI . decodeURI converts hexadecimal UTF-8 encoded values back to their
display values, supporting all Unicode characters, even those outside the the Basic Multilingual Plane (BMP), which require two 16-bit values (or four UTF-8 hexadecimal
values).
In the following example, the Chinese characters and spaces have been encoded with their hexadecimal UTF-8 values and are then decoded to their original values:
var str = "test.html?name=%E6%BC%A2One%20Two&name2=%F0%A0%80%90Three";
var result = decodeURI(str);
Method returns:
result: test.html?name1=漢One Two&name2=𠀐Three
Click here (w3schools) and
here (MDN) for additional details.
I18n Issues
decodeURI and its correlated encodeURI does not handle special characters such as &, +, = . This is a problem for HTTP Get and Post requests, which will treat these
as special characters. Therefore, if you have user text being passed as a parameter, and it contains any of these special characters, the HTTP request will interpret the URI
incorrectly.
Suggested Replacement
To ensure that the URI is properly encoded to work in HTTP Get and Post requests, call encodeURIComponent .
And then, to decode the URI, call decodeURIComponent .
Globalyzer will detect this method and report it as an i18n issue. If you have determined that the call is being handled correctly, you can
use Globalyzer's Ignore Comment
functionality to ensure that it isn't picked up in a subsequent scan.
Locale-Sensitive JavaScript Methods
|