I want to encode a url (http://www.someurl.com) so that I can add it as a parameter to a GET call:
domain.com/encoded_url
Once received on the other end, I need to be able to decode the url, however, security is not an issue. I rather stick to a simple cipher (must be able to handle special characters like ':' and '?') since the more advanced ciphers produce encoded strings that do not pass as valid URI strings and can't be passed as URL parameters.
What kind of cipher implemented in Ruby would work best for this purpose?
Use Base64.urlsafe_encode64
Base64 is a good idea to use, Ruby provides URL safe implementation of it, because the default will produce characters like + and =. urlsafe_encode64 will use '-' instead of '+' and '_' instead of '+' so they can be passed like URL parameters.
require "base64"
encoded_url = Base64.urlsafe_encode64('http://www.someurl.com', ) #=> "aHR0cDovL3d3dy5zb21ldXJsLmNvbQ=="
decoded_url = Base64.urlsafe_decode64(encoded_url) #=> "http://www.someurl.com"
https://apidock.com/ruby/Base64/urlsafe_encode64
If you really need to encode it and security is not an issue, just use Base64 and then URI escape it.
But there's no need to, just uri escape it.
str = Base64.encode64(url)
encoded_str = URI.encode(str)
btw, this is a semi-possible duplicate
Ruby url encoding string
Related
I don't understand why all my special characters in my url are encoded for example :
new_subscription_url(:session_id => '{CHECKOUT_SESSION_ID}' )
Give me
http://localhost:3000/en/subscriptions/new?session_id=%7BCHECKOUT_SESSION_ID%7D
All special characters are encode. How could I have them not encoded ?
It is not encoded but rather escaped.
According to Internet standard (IETF section 2.4), URI is always in an "escaped" form.
On the side note, if you want to unescape it, you can use
CGI::unescape(new_subscription_url(session_id: '{CHECKOUT_SESSION_ID}' ))
Hello I am constructing a URI from two different strings coming from a source.
String1 = 12345&67890
String2 = 78326832
URI = /api?invoice=String1&supplier=String2
After using concat function available in studio, this is the final URI.
/api?invoice=12345&67890&supplier=78326832
(Get request fails because 67890 is taken as query)
Expected output is
/api?invoice=12345&67890&supplier=78326832
how do I achieve this, Can i use xslt to convert symbols to its HTML entity characters
Your expected output /api?invoice=12345&67890&supplier=78326832 is rather bizarre: there's no context where it makes sense to escape some ampersands (at the XML/HTML level) and leave others unescaped.
I think that what you really want is to use URI escaping (not XML escaping) for the first ampersand, that is you want /api?invoice=12345%2667890&supplier=78326832. If you're building the URI using XSLT 2.0 you can achieve this by passing the strings through encode-for-uri() before you concatenate them into the URI.
But you've given so little information about the context of your processing that it's hard to be sure exactly what you want.
Basically I need to pass three paramaters to a http as get. Here are the parameters
param1 = 3
param2 = 454
param3 = http://localhost:3000/another_test?another_param=4&another_param2=978
This transforms to
http://localhost:3000/test?param1=3¶m2=454¶m3=http://localhost:3000/another_test?another_param=4&another_param2=978
I am just confused whether the URL formed is correct or not. Will this work or is there anyother way to do this. I am using Rails. I did a decode and clicked on the link and I still see the above URL coming. Will this work on the receiever side, meaning will it be decoded as I had intended.
Please advise.
It should work as long as you url encode the params. In that case the & and ? will be transformed, making it possible for Rails to differentiate between the query string parameters and the query string delimiters.
To ensure that it is encoded you can use Rack::Utils.escape or Hash#to_query.
This will be decoded as:
param1=3
param2=454
param3=http://localhost:3000/another_test?another_param=4
another_param2=978
You need to encode param3, or at minimum replace the ampersands in it with the correct URL encoding, in order for it to match back up to your input parameters.
In my app I need to encode a string via base64, escape it's possible special characters and put it into a URL.
I do the following:
string = "random_email#server.com"
enc = OpenSSL::Cipher::Cipher.new('DES-EDE3-CBC')
enc.encrypt('dummy_salt')
encoded = URI.escape(Base64.encode64(enc.update(string) << enc.final))
The problem is, that somehow URI.escape do not escape '/' character. That's completely unacceptable if the encoded string is intended to be used as a URL parameter.
How come URI.escape ignores to escape '/'? Should I user any other .escape then one, which comes from URI? Or should I even use other encoding method (don't think so)?
Any suggestions as to the code are welcome too.
Use CGI.escape instead :-)
require 'cgi'
puts CGI.escape('/') # => "%2F"
If you need to escape html you can also do:
CGI::escapeHTML('Usage: foo "bar" <baz>')
"Usage: foo "bar" <baz>"
Can we use "&" in a url ? or should "and" be used?
Yes, you can use it plain in your URL path like this:
http://example.com/Alice&Bob
Only if you want to use it in the query you need to encode it with %26:
http://example.com/?arg=Alice%26Bob
Otherwise it would be interpreted as argument separator when interpreted as application/x-www-form-urlencoded.
See RFC 3986 for more details.
An URL is generally in the form
scheme://host/some/path/to/file?query1=value&query2=value
So it is not advisable to use it in an URL unless you want to use it for parameters. Otherwise you should percent escape it using %26, e.g.
http://www.example.com/hello%26world
This results in the path being submitted as hello&world. There are other characters which must be escaped when used out of context in an URL. See here for a list.
Unless you're appending variables to the query string, encode it.
encode '&' with & (this answer is based on your use of tags)
If you are asking what to use "&" or "and" when registering the name of your URL, I would use "and".
EDIT: As mentioned in comments "& is an HTML character entity and not a URI character entity. By putting that into a URI you still have the ampersand character and additional extraneous characters." I started answering before fully understanding your question.