Incorrectly escaping URL's

Question

Incorrectly escaping URL's

Opened this issue 10 years ago · 3 comments

Hi,

The following line of code doesn't escape all characters in URL's properly so we were having issues getting valid Embedly responses (often for links to Facebook images).

NSString *paramValue = [params[key] stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLQueryAllowedCharacterSet]];

The following should be used instead:

(NSString *) CFBridgingRelease(CFURLCreateStringByAddingPercentEscapes(NULL, (CFStringRef)urlString, NULL, (CFStringRef)@";/?:@&=$+{}<>,", CFStringConvertNSStringEncodingToEncoding(NSASCIIStringEncoding)));

Answer 1 · 2014-09-16T15:14:54.000Z

@tboetig @anrope @artgibson it'd be great to get this into the code base. This would be affecting all users using the iOS framework...

Answer 2 · 2014-09-16T16:32:45.000Z

Hi,

Can you provide some more details? Maybe a couple example URLs that are affected by this?

Andy

Answer 3 · 2016-01-11T04:05:16.000Z

Check out http://stackoverflow.com/questions/3423545/objective-c-iphone-percent-encode-a-string

stringByAddingPercentEncodingWithAllowedCharacters is the way to go as of iOS 7