I am writing a CGI program and need to ensure that unsafe characters passed in parameters are encoded and decoded correctly. I understand URL encoding in general: unsafe characters are encoded using the % symbol, and I know how to write code to encode and decode this.
What I'm unsure about is how spaces are encoded. What confuses me is that I've often seen spaces encoded as either + or %20. So suppose I have a CGI program that accepts a search query, the number of results to return, and a country. How should these parameters be encoded?
Until now, I've always thought that spaces in URLs should be encoded as %20. But many search engines, such as Google, show spaces in a search term as + in the results page URL, not %20. When form data is submitted, I've also seen spaces encoded as + rather than %20.
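To make the two styles concrete, here is a small sketch using Python's standard `urllib.parse` module. The search term is a made-up example, not taken from any real request. `quote` produces the %20 style and `quote_plus` produces the + style used for form data:

```python
from urllib.parse import quote, quote_plus

# Hypothetical search term containing both a space and literal plus signs.
term = "C++ tutorial"

# Generic percent-encoding: the space becomes %20.
# safe="" means no reserved characters are left unescaped.
percent_style = quote(term, safe="")

# Form-style encoding: the space becomes +.
plus_style = quote_plus(term)

print(percent_style)  # C%2B%2B%20tutorial
print(plus_style)     # C%2B%2B+tutorial
```

In both outputs the literal + characters come out as %2B, so only the space is treated differently.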
Also, if the parameter originally contained a + itself (e.g. C++), must these + characters *always* be encoded as %2B? I ask because I need to write a function to decode the parameters in my CGI program. If it comes across a + in the encoded string, I need to know whether to decode it back to a space or leave it alone because it was really intended to be a + in the decoded string.
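For reference, this is roughly the decoder in question, as a minimal sketch. It assumes the parameters arrive as form-style data (`application/x-www-form-urlencoded`), where a bare + stands for a space and a literal + is expected to arrive as %2B. The function name `decode_form_value` is only illustrative:

```python
_HEX_DIGITS = "0123456789abcdefABCDEF"


def decode_form_value(encoded: str) -> str:
    """Decode one form-encoded value (assumes + means space)."""
    out = bytearray()
    i = 0
    n = len(encoded)
    while i < n:
        ch = encoded[i]
        if ch == "+":
            # Assumption: a bare + is an encoded space.
            out.append(0x20)
            i += 1
        elif (
            ch == "%"
            and i + 2 < n
            and encoded[i + 1] in _HEX_DIGITS
            and encoded[i + 2] in _HEX_DIGITS
        ):
            # %XX escape: convert the two hex digits to one byte.
            out.append(int(encoded[i + 1:i + 3], 16))
            i += 3
        else:
            # Anything else, including a malformed % sequence, is copied as-is.
            out.extend(ch.encode("utf-8"))
            i += 1
    # Assumption: the decoded bytes are UTF-8; invalid bytes are replaced.
    return out.decode("utf-8", errors="replace")


print(decode_form_value("C%2B%2B+tutorial"))  # C++ tutorial
```

Under that assumption, %20 and + both decode to a space, and a + in the result can only come from %2B. Python's standard library has `urllib.parse.unquote_plus` for the same job.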
Thanks in advance,