1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276
/* * @(#)URLEncoder.java 1.32 06/04/22 * * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */ package java.net; import java.io.ByteArrayOutputStream; import java.io.BufferedWriter; import java.io.OutputStreamWriter; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.io.CharArrayWriter; import java.nio.charset.Charset; import java.nio.charset.IllegalCharsetNameException; import java.nio.charset.UnsupportedCharsetException; import java.util.BitSet; import java.security.AccessController; import java.security.PrivilegedAction; import sun.security.action.GetBooleanAction; import sun.security.action.GetPropertyAction; /** * Utility class for HTML form encoding. This class contains static methods * for converting a String to the <CODE>application/x-www-form-urlencoded</CODE> MIME * format. For more information about HTML form encoding, consult the HTML * <A HREF="http://www.w3.org/TR/html4/">specification</A>. * * <p> * When encoding a String, the following rules apply: * * <p> * <ul> * <li>The alphanumeric characters "<code>a</code>" through * "<code>z</code>", "<code>A</code>" through * "<code>Z</code>" and "<code>0</code>" * through "<code>9</code>" remain the same. * <li>The special characters "<code>.</code>", * "<code>-</code>", "<code>*</code>", and * "<code>_</code>" remain the same. * <li>The space character "<code> </code>" is * converted into a plus sign "<code>+</code>". * <li>All other characters are unsafe and are first converted into * one or more bytes using some encoding scheme. Then each byte is * represented by the 3-character string * "<code>%<i>xy</i></code>", where <i>xy</i> is the * two-digit hexadecimal representation of the byte. * The recommended encoding scheme to use is UTF-8. However, * for compatibility reasons, if an encoding is not specified, * then the default encoding of the platform is used. * </ul> * * <p> * For example using UTF-8 as the encoding scheme the string "The * string ü@foo-bar" would get converted to * "The+string+%C3%BC%40foo-bar" because in UTF-8 the character * ü is encoded as two bytes C3 (hex) and BC (hex), and the * character @ is encoded as one byte 40 (hex). * * @author Herb Jellinek * @version 1.32, 04/22/06 * @since JDK1.0 */ public class URLEncoder { static BitSet dontNeedEncoding; static final int caseDiff = ('a' - 'A'); static String dfltEncName = null; static { /* The list of characters that are not encoded has been * determined as follows: * * RFC 2396 states: * ----- * Data characters that are allowed in a URI but do not have a * reserved purpose are called unreserved. These include upper * and lower case letters, decimal digits, and a limited set of * punctuation marks and symbols. * * unreserved = alphanum | mark * * mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")" * * Unreserved characters can be escaped without changing the * semantics of the URI, but this should not be done unless the * URI is being used in a context that does not allow the * unescaped character to appear. * ----- * * It appears that both Netscape and Internet Explorer escape * all special characters from this list with the exception * of "-", "_", ".", "*". While it is not clear why they are * escaping the other characters, perhaps it is safest to * assume that there might be contexts in which the others * are unsafe if not escaped. Therefore, we will use the same * list. It is also noteworthy that this is consistent with * O'Reilly's "HTML: The Definitive Guide" (page 164). * * As a last note, Intenet Explorer does not encode the "@" * character which is clearly not unreserved according to the * RFC. We are being consistent with the RFC in this matter, * as is Netscape. * */ dontNeedEncoding = new BitSet(256); int i; for (i = 'a'; i <= 'z'; i++) { dontNeedEncoding.set(i); } for (i = 'A'; i <= 'Z'; i++) { dontNeedEncoding.set(i); } for (i = '0'; i <= '9'; i++) { dontNeedEncoding.set(i); } dontNeedEncoding.set(' '); /* encoding a space to a + is done * in the encode() method */ dontNeedEncoding.set('-'); dontNeedEncoding.set('_'); dontNeedEncoding.set('.'); dontNeedEncoding.set('*'); dfltEncName = (String)AccessController.doPrivileged ( new GetPropertyAction("file.encoding") ); } /** * You can't call the constructor. */ private URLEncoder() { } /** * Translates a string into <code>x-www-form-urlencoded</code> * format. This method uses the platform's default encoding * as the encoding scheme to obtain the bytes for unsafe characters. * * @param s <code>String</code> to be translated. * @deprecated The resulting string may vary depending on the platform's * default encoding. Instead, use the encode(String,String) * method to specify the encoding. * @return the translated <code>String</code>. */ @Deprecated public static String encode(String s) { String str = null; try { str = encode(s, dfltEncName); } catch (UnsupportedEncodingException e) { // The system should always have the platform default } return str; } /** * Translates a string into <code>application/x-www-form-urlencoded</code> * format using a specific encoding scheme. This method uses the * supplied encoding scheme to obtain the bytes for unsafe * characters. * <p> * <em><strong>Note:</strong> The <a href= * "http://www.w3.org/TR/html40/appendix/notes.html#non-ascii-chars"> * World Wide Web Consortium Recommendation</a> states that * UTF-8 should be used. Not doing so may introduce * incompatibilites.</em> * * @param s <code>String</code> to be translated. * @param enc The name of a supported * <a href="../lang/package-summary.html#charenc">character * encoding</a>. * @return the translated <code>String</code>. * @exception UnsupportedEncodingException * If the named encoding is not supported * @see URLDecoder#decode(java.lang.String, java.lang.String) * @since 1.4 */ public static String encode(String s, String enc) throws UnsupportedEncodingException { boolean needToChange = false; StringBuffer out = new StringBuffer(s.length()); Charset charset; CharArrayWriter charArrayWriter = new CharArrayWriter(); if (enc == null) throw new NullPointerException("charsetName"); try { charset = Charset.forName(enc); } catch (IllegalCharsetNameException e) { throw new UnsupportedEncodingException(enc); } catch (UnsupportedCharsetException e) { throw new UnsupportedEncodingException(enc); } for (int i = 0; i < s.length();) { int c = (int) s.charAt(i); //System.out.println("Examining character: " + c); if (dontNeedEncoding.get(c)) { if (c == ' ') { c = '+'; needToChange = true; } //System.out.println("Storing: " + c); out.append((char)c); i++; } else { // convert to external encoding before hex conversion do { charArrayWriter.write(c); /* * If this character represents the start of a Unicode * surrogate pair, then pass in two characters. It's not * clear what should be done if a bytes reserved in the * surrogate pairs range occurs outside of a legal * surrogate pair. For now, just treat it as if it were * any other character. */ if (c >= 0xD800 && c <= 0xDBFF) { /* System.out.println(Integer.toHexString(c) + " is high surrogate"); */ if ( (i+1) < s.length()) { int d = (int) s.charAt(i+1); /* System.out.println("\tExamining " + Integer.toHexString(d)); */ if (d >= 0xDC00 && d <= 0xDFFF) { /* System.out.println("\t" + Integer.toHexString(d) + " is low surrogate"); */ charArrayWriter.write(d); i++; } } } i++; } while (i < s.length() && !dontNeedEncoding.get((c = (int) s.charAt(i)))); charArrayWriter.flush(); String str = new String(charArrayWriter.toCharArray()); byte[] ba = str.getBytes(charset); for (int j = 0; j < ba.length; j++) { out.append('%'); char ch = Character.forDigit((ba[j] >> 4) & 0xF, 16); // converting to use uppercase letter as part of // the hex value if ch is a letter. if (Character.isLetter(ch)) { ch -= caseDiff; } out.append(ch); ch = Character.forDigit(ba[j] & 0xF, 16); if (Character.isLetter(ch)) { ch -= caseDiff; } out.append(ch); } charArrayWriter.reset(); needToChange = true; } } return (needToChange? out.toString() : s); } }