W3C compliance and & in my URL

I have site that has been created using Coldfusion. I pass parameters in the URL so my URLs contain '&'.  When I use the W3C validator tool I get many warnings because of the & in the URL.  What should I be doing differently so that I do not get the warnings?
WestCoast_BCAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
COBOLdinosaurConnect With a Mentor Commented:
Yes the % indicate that the value following it is a Hex number representing the ordinal position of the character in the ASCII collating sequence.  You do the same thing with spaces by replacing them with %20

Cd&
0
 
_agx_Commented:
(Edit)

The "&" has a special meaning. It's is reserved for separating parameters in the query string. If you're using it any other way, the & should be properly url encoded. Use URLEncodedFormat():

<!--- notice only the & in the value is encoded --->
<cfoutput>
   <a href="test.cfm?param=#URLEncodedFormat('foo & bar')#&param2=aaaa">Test</a>
</cfoutput>
0
 
WestCoast_BCAuthor Commented:
I am using the & to separate parameters in the query string.  For example, the following gives me warnings and errors in the validator:

<a class="transition" title="Home" href="index.cfm?page_id=24&menu_id=1&Label=About Us" >...</a>

The errors/warnings are:

An entity reference was found in the document, but there is no reference by that name defined. Often this is caused by misspelling the reference name, unencoded ampersands, or by leaving off the trailing semicolon (;). The most common cause of this error is unencoded ampersands in URLs as described by the WDG in "Ampersands in URLs".
This is usually a cascading error caused by a an undefined entity reference or use of an unencoded ampersand (&) in an URL or body text. See the previous message for further details.
If you meant to include an entity that starts with "&", then you should terminate it with ";". Another reason for this error message is that you inadvertently created an entity by failing to escape an "&" character just before this text.
0
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

 
_agx_Connect With a Mentor Commented:
Hm.. they're saying it errors because the validator assumes the &  is an entity like "&copy" and that instead of:

      <a href="foo.cgi?chapter=1&section=2&copy=3&lang=en">...</a>

it should be written as:

<a href="foo.cgi?chapter=1&amp;section=2&amp;copy=3&amp;lang=en">...</a>

I can't try it out at the moment, but .. that's what the validator is expecting.
0
 
Rodrigo MuneraSr. Software EngineerCommented:
(no points)

Yes, _agx_ is correct, you should encode your links in your anchor <a> tags correctly escaping the ampersands, <a href="foo.cgi?chapter=1&amp;section=2&amp;copy=3&amp;lang=en">...</a>.

The browser will properly interpret the escaped ampersands once you click on the link and the URL will look like foo.cgi?chapter=1&section=2&copy=3&lang=en

I now do this in all my coding to stay compliant.
0
 
WestCoast_BCAuthor Commented:
OK, thank you.

Is there a coldfusion or javascript function that will convert a string with & to &amp;?
0
 
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
Did you try the solution you were first given? http:#a39920919
0
 
WestCoast_BCAuthor Commented:
The solution does work.

The reason why I am asking is that I have some URLs that are dynamically created based on a URL provided by a user.  If the user copies a URL from a different site and pastes it into my sight it may contain &.
0
 
Scott Fell, EE MVEDeveloper & EE ModeratorCommented:
What happens when you URLEncode that dynamic data?

no points
0
 
_agx_Connect With a Mentor Commented:
(Edit) You could always parse the url string. URLDecode it then split it on the ? character to separate the base url and url params:

         <cfset parsedURL = URLDecode(theString)>
         <cfset baseURL = getToken(parsedURL, 1, "?")>
         <cfset queryString = getToken(parsedURL, 2, "?")>

Finally, URL encode the query string and put it back together.  I think that would work
 
          <cfset newURL = baseURL>
          <cfif len(queryString)>
               <cfset newURL = listAppend(newURL , URLEncodedFormat(queryString), "?")>
          </cfif>

Reason for URL decoding first is to ensure you don't end up double encoding stuff...
0
 
Rodrigo MuneraSr. Software EngineerCommented:
You can change your encoding using jquery but it won't validate on the w3c checker since it doesn't run client code when validating.

I'm not sure that URLEncodedFormat will escape your ampersands because if you were to use it on the server side and cflocation to encode it, it would pass the encoded ampersand as part of the URI.  and treat "amp;" as part of the query variable, which would cause undesirable behavior.
0
 
WestCoast_BCAuthor Commented:
You can change your encoding using jquery but it won't validate on the w3c checker since it doesn't run client code when validating.

I'm not sure that URLEncodedFormat will escape your ampersands because if you were to use it on the server side and cflocation to encode it, it would pass the encoded ampersand as part of the URI.  and treat "amp;" as part of the query variable, which would cause undesirable behavior.

I am running into this problem if I try to URLEncode the URL when I use CFLocation
0
 
Rodrigo MuneraSr. Software EngineerCommented:
Yeah, when using cflocation you should not escape the ampersand.
0
 
WestCoast_BCAuthor Commented:
I guess I can use ReReplace to replace all & with &amp; in my  URLs
0
 
Rodrigo MuneraSr. Software EngineerCommented:
Yeah, make sure you're not replacing already-escaped ampersands. You don't want a URI

?variable=value&var2=2&amp;var3=3

Open in new window


looking like

?variable=value&amp;var2=2&&amp;var3=3

Open in new window

0
 
_agx_Commented:
> I am running into this problem if I try to URLEncode the URL when I use CFLocation

Well the original issue doesn't really apply to CFLocation. The WC validator is checking what's in the generated HTML.  CFlocation is server side, so it should be a moot point.  

Sounds like you should store the URL's un-encoded, and do the encoding only when and/if you're embedding those url's in the generated html (not to be confused with raw CFML code)
0
 
COBOLdinosaurCommented:
changing & to &amp; is not urlencode.  An url encode & is converted to %26 which is correctly interpreted by virtually every browser and server that exists, and it is 100% W3C compliant.

Cd&
0
 
WestCoast_BCAuthor Commented:
So I should convert by & to %26 instead?
0
 
_agx_Commented:
> changing & to &amp; is not urlencode

Gah... you're right.  Too little sleep and my brain is using url <=> html encoding interchangeably (they're not).  

Time for me to pack it in and switch to single threaded mode ...zzz
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.