Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

FAQ: Frequently Asked Questions about CGI Programming
Section - 4.6 I'm using CGI with QUERY_STRING embedded in my HTML, but it gets corrupted?

( Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Business Photos and Profiles ]


Top Document: FAQ: Frequently Asked Questions about CGI Programming
Previous Document: 4.5 How can I run my CGI program 'live' in a debugger?
Next Document: SECTION 5 - FURTHER READING
See reader questions & answers on this topic! - Help others by sharing your knowledge

The problem is the & character, which has two separate special meanings:
- In HTTP (and hence CGI) it is a separator in your QUERY_STRING
- In HTML it is an escape character

So when it appears in an HTML context, it should be encoded.  If you need
a link to myprog.cgi with QUERY_STRING "a=1&b=2" you should write
<a href="myprog.cgi?a=1&amp;b=2">my program</a>
which the browser's HTML parser will convert to what you wanted.

There are possible browser problems here, although they appear to be
limited to older browsers.  Some other approaches are:
- Use a different separator character in CGI programs when called in this
  manner.  Or even a completely different encoding.  This is safe, but may
  be much more work unless your CGI library supports setting a different
  separator character.
- Avoid any parameters whose names include that of any HTML entity.
  This runs a possible risk if the set of entities changes in future,
  or when browsers introduce proprietary 'extensions'.


User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: FAQ: Frequently Asked Questions about CGI Programming
Previous Document: 4.5 How can I run my CGI program 'live' in a debugger?
Next Document: SECTION 5 - FURTHER READING

Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
Nick Kew <nick@webthing.com>





Last Update March 27 2014 @ 02:12 PM