Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Escaping ampersand in URL

People also ask

How do you escape an ampersand from a URL?

For example, to encode a URL with an ampersand character, use %24. However, in HTML, use either & or &, both of which would write out the ampersand in the HTML page.

Can you use an ampersand in a URL?

No. Unfortunately you can't use ampersands (&) as part of your domain name. Characters that you can use in your domain name include letters, numbers and hyphens.

How do you escape ampersand in HTML?

If you want one to appear in text on a web page you should use the encoded named entity “ & ”—more technical mumbo-jumbo at w3c.org. While most web browsers will let you get away without encoding them, stuff can get dicey in weird edge cases and fail completely in XML.


They need to be percent-encoded:

> encodeURIComponent('&')
"%26"

So in your case, the URL would look like:

http://www.mysite.com?candy_name=M%26M

This does not only apply to the ampersand in URLs, but to all reserved characters. Some of which include:

 # $ & + ,  / : ; = ? @ [ ]

The idea is the same as encoding an &in an HTML document, but the context has changed to be within the URI, in addition to being within the HTML document. So, the percent-encoding prevents issues with parsing inside of both contexts.

The place where this comes in handy a lot is when you need to put a URL inside of another URL. For example, if you want to post a status on Twitter:

http://www.twitter.com/intent/tweet?status=What%27s%20up%2C%20StackOverflow%3F(http%3A%2F%2Fwww.stackoverflow.com)

There's lots of reserved characters in my Tweet, namely ?'():/, so I encoded the whole value of the status URL parameter. This also is helpful when using mailto: links that have a message body or subject, because you need to encode the body and subject parameters to keep line breaks, ampersands, etc. intact.

When a character from the reserved set (a "reserved character") has special meaning (a "reserved purpose") in a certain context, and a URI scheme says that it is necessary to use that character for some other purpose, then the character must be percent-encoded. Percent-encoding a reserved character involves converting the character to its corresponding byte value in ASCII and then representing that value as a pair of hexadecimal digits. The digits, preceded by a percent sign ("%") which is used as an escape character, are then used in the URI in place of the reserved character. (For a non-ASCII character, it is typically converted to its byte sequence in UTF-8, and then each byte value is represented as above.) The reserved character "/", for example, if used in the "path" component of a URI, has the special meaning of being a delimiter between path segments. If, according to a given URI scheme, "/" needs to be in a path segment, then the three characters "%2F" or "%2f" must be used in the segment instead of a raw "/".

http://en.wikipedia.org/wiki/Percent-encoding#Percent-encoding_reserved_characters


Try using http://www.example.org?candy_name=M%26M.

See also this reference and some more information on Wikipedia.


You can use the % character to 'escape' characters that aren't allowed in URLs. See RFC 1738.

A table of ASCII values is given on the Wikipedia page.

You can see & is 26 in hexadecimal - so you need M%26M.


I would like to add a minor comment to Blender's solution.

You can do the following:

var link = 'http://example.com?candy_name=' + encodeURIComponent('M&M');

That outputs:

http://example.com?candy_name=M%26M

The great thing about this it does not only work for &, but for any especial character.

For instance:

var link = 'http://example.com?candy_name=' + encodeURIComponent('M&M?><')

Outputs:

"http://example.com?candy_name=M%26M%3F%3E%3C"

This may help if someone want it in PHP

$variable ="candy_name=M&M";
$variable = str_replace("&", "%26", $variable);