Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

W3C compliance and & in my URL

Posted on 2014-03-11
19
419 Views
Last Modified: 2014-03-22
I have site that has been created using Coldfusion. I pass parameters in the URL so my URLs contain '&'.  When I use the W3C validator tool I get many warnings because of the & in the URL.  What should I be doing differently so that I do not get the warnings?
0
Comment
Question by:WestCoast_BC
  • 6
  • 5
  • 4
  • +2
19 Comments
 
LVL 52

Expert Comment

by:_agx_
ID: 39920919
(Edit)

The "&" has a special meaning. It's is reserved for separating parameters in the query string. If you're using it any other way, the & should be properly url encoded. Use URLEncodedFormat():

<!--- notice only the & in the value is encoded --->
<cfoutput>
   <a href="test.cfm?param=#URLEncodedFormat('foo & bar')#&param2=aaaa">Test</a>
</cfoutput>
0
 

Author Comment

by:WestCoast_BC
ID: 39920964
I am using the & to separate parameters in the query string.  For example, the following gives me warnings and errors in the validator:

<a class="transition" title="Home" href="index.cfm?page_id=24&menu_id=1&Label=About Us" >...</a>

The errors/warnings are:

An entity reference was found in the document, but there is no reference by that name defined. Often this is caused by misspelling the reference name, unencoded ampersands, or by leaving off the trailing semicolon (;). The most common cause of this error is unencoded ampersands in URLs as described by the WDG in "Ampersands in URLs".
This is usually a cascading error caused by a an undefined entity reference or use of an unencoded ampersand (&) in an URL or body text. See the previous message for further details.
If you meant to include an entity that starts with "&", then you should terminate it with ";". Another reason for this error message is that you inadvertently created an entity by failing to escape an "&" character just before this text.
0
 
LVL 52

Assisted Solution

by:_agx_
_agx_ earned 333 total points
ID: 39921018
Hm.. they're saying it errors because the validator assumes the &  is an entity like "&copy" and that instead of:

      <a href="foo.cgi?chapter=1&section=2&copy=3&lang=en">...</a>

it should be written as:

<a href="foo.cgi?chapter=1&amp;section=2&amp;copy=3&amp;lang=en">...</a>

I can't try it out at the moment, but .. that's what the validator is expecting.
0
The New “Normal” in Modern Enterprise Operations

DevOps for the modern enterprise offers many benefits — increased agility, productivity, and more, but digital transformation isn’t easy, especially if you’re not addressing the right issues. Register for the webinar to dive into the “new normal” for enterprise modern ops.

 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39921135
(no points)

Yes, _agx_ is correct, you should encode your links in your anchor <a> tags correctly escaping the ampersands, <a href="foo.cgi?chapter=1&amp;section=2&amp;copy=3&amp;lang=en">...</a>.

The browser will properly interpret the escaped ampersands once you click on the link and the URL will look like foo.cgi?chapter=1&section=2&copy=3&lang=en

I now do this in all my coding to stay compliant.
0
 

Author Comment

by:WestCoast_BC
ID: 39921157
OK, thank you.

Is there a coldfusion or javascript function that will convert a string with & to &amp;?
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39921192
Did you try the solution you were first given? http:#a39920919
0
 

Author Comment

by:WestCoast_BC
ID: 39921217
The solution does work.

The reason why I am asking is that I have some URLs that are dynamically created based on a URL provided by a user.  If the user copies a URL from a different site and pastes it into my sight it may contain &.
0
 
LVL 52

Expert Comment

by:Scott Fell, EE MVE
ID: 39921252
What happens when you URLEncode that dynamic data?

no points
0
 
LVL 52

Assisted Solution

by:_agx_
_agx_ earned 333 total points
ID: 39921262
(Edit) You could always parse the url string. URLDecode it then split it on the ? character to separate the base url and url params:

         <cfset parsedURL = URLDecode(theString)>
         <cfset baseURL = getToken(parsedURL, 1, "?")>
         <cfset queryString = getToken(parsedURL, 2, "?")>

Finally, URL encode the query string and put it back together.  I think that would work
 
          <cfset newURL = baseURL>
          <cfif len(queryString)>
               <cfset newURL = listAppend(newURL , URLEncodedFormat(queryString), "?")>
          </cfif>

Reason for URL decoding first is to ensure you don't end up double encoding stuff...
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39921276
You can change your encoding using jquery but it won't validate on the w3c checker since it doesn't run client code when validating.

I'm not sure that URLEncodedFormat will escape your ampersands because if you were to use it on the server side and cflocation to encode it, it would pass the encoded ampersand as part of the URI.  and treat "amp;" as part of the query variable, which would cause undesirable behavior.
0
 

Author Comment

by:WestCoast_BC
ID: 39921299
You can change your encoding using jquery but it won't validate on the w3c checker since it doesn't run client code when validating.

I'm not sure that URLEncodedFormat will escape your ampersands because if you were to use it on the server side and cflocation to encode it, it would pass the encoded ampersand as part of the URI.  and treat "amp;" as part of the query variable, which would cause undesirable behavior.

I am running into this problem if I try to URLEncode the URL when I use CFLocation
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39921318
Yeah, when using cflocation you should not escape the ampersand.
0
 

Author Comment

by:WestCoast_BC
ID: 39921323
I guess I can use ReReplace to replace all & with &amp; in my  URLs
0
 
LVL 4

Expert Comment

by:Rodrigo Munera
ID: 39921343
Yeah, make sure you're not replacing already-escaped ampersands. You don't want a URI

?variable=value&var2=2&amp;var3=3

Open in new window


looking like

?variable=value&amp;var2=2&&amp;var3=3

Open in new window

0
 
LVL 52

Expert Comment

by:_agx_
ID: 39921397
> I am running into this problem if I try to URLEncode the URL when I use CFLocation

Well the original issue doesn't really apply to CFLocation. The WC validator is checking what's in the generated HTML.  CFlocation is server side, so it should be a moot point.  

Sounds like you should store the URL's un-encoded, and do the encoding only when and/if you're embedding those url's in the generated html (not to be confused with raw CFML code)
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 39921457
changing & to &amp; is not urlencode.  An url encode & is converted to %26 which is correctly interpreted by virtually every browser and server that exists, and it is 100% W3C compliant.

Cd&
0
 

Author Comment

by:WestCoast_BC
ID: 39921463
So I should convert by & to %26 instead?
0
 
LVL 53

Accepted Solution

by:
COBOLdinosaur earned 167 total points
ID: 39921500
Yes the % indicate that the value following it is a Hex number representing the ordinal position of the character in the ASCII collating sequence.  You do the same thing with spaces by replacing them with %20

Cd&
0
 
LVL 52

Expert Comment

by:_agx_
ID: 39921536
> changing & to &amp; is not urlencode

Gah... you're right.  Too little sleep and my brain is using url <=> html encoding interchangeably (they're not).  

Time for me to pack it in and switch to single threaded mode ...zzz
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Any business that wants to seriously grow needs to keep the needs and desires of an international audience of their websites in mind. Making a website friendly to international users isn’t prohibitively expensive and can provide an incredible return…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question