Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to properly escape html sent as data in jQuery's .ajax function

Tags:

jquery

ajax

jsonp

escaping

UPDATE: Once I looked at the problem in Firebug, I found my mistake immediately. And it was an embarrassing unmatched double quote that I must have deleted somehow. I had been using Chrome's developer window. Very sorry for using up your resources. But, lesson learned! ("I hope.)

What is the best way for me to escape html characters that I want to send to my server? I am using jQuery, .ajax(), and jsonp.

I'm writing a bookmarklet which sends parts of the current page's html to my server. Here is the ajax call:

jQuery.ajax({
    url: 'http://www.my_server.com/file.php?callback=?',
    dataType: 'jsonp',
    data: { someHtml: escape(jQuery(this).html().substring(0,1000)) },
    success: function() { // stuff },
    beforeSend: function(xhr) {
                  xhr.setRequestHeader('Content-type','text/html');
                },
    error: function() { // stuff }
});

I need to use JSONP and therefore I can't use POST, and this is why I'm truncating the html data. Things work if the html is "nice", but if it contains characters javascript doesn't like, then I have problems. I fixed my ' problem by using escape(), but now I think I'm having newline and tab problems.

Chrome's dev console gives me the same error:

Uncaught SyntaxError: Unexpected token <

which I assume means some character is causing things to break out of javascript. I have tried the following: escape(), encodeURI/Component(), serialize(), text(), but nothing has worked yet. At first, I didn't use beforeSend, but thought I should try it, but no difference.

Currently, I'm stuck with some html which has a line break, then a tab, then a couple of spaces. I have tried replacing these characters using replace():

... .substring(0,1000).replace(/(\r\n|[\r\n])/g,'')

I found this regex string on another site which is supposed to replace various combinations of carriage returns and line feeds.

I hope I've explained myself clearly enough. It's my first question at Stack Overflow so go easy on me. :)

like image 269
SeanO Avatar asked Nov 08 '10 08:11

SeanO

1 Answers

You don't need to escape or encode. jQuery will take care of properly URL encoding the data:

data: { someHtml: $(this).html().substring(0, 1000) },
like image 111
Darin Dimitrov Avatar answered Nov 12 '22 19:11

Darin Dimitrov
Sign in to Comment

Related questions

Angular highlight & dehighlight dynamic html using filters
Add an input value to a database value
How do you use Dropzone.js with chunked file uploads (PHP only)?
When element enters viewport, scroll its entire contents horizontally before it leaves the viewport
Implementing undo feature: how to measure memory consumption of JavaScript array?
JQuery UI tooltip extension using options.items vs title
jQuery tablesorter plugin column width incorrect in IE7
Experiences with Javascript History Frameworks
How to use jQuery AJAX $.post to store PHP $_SESSION variables?
Jquery Draggable - How do I create a new draggable div on the fly that can then be dragged?
How do I select all text contained in <pre> using jQuery?
How to clear filter on Telerik ASP.NET MVC Grid
IE e.keyCode - How can I differentiate between ampersand and up-arrow?
OpenID and Iframes
Positioning a tooltip relative to another div in JQuery
InnerHTML/outerHTML in IE doesn't reflect checkbox state except in quirks mode
JQuery JEditable - How to Disable on click editing
Turning jQuery charts into PDFs
JQuery Validate individual fieldsets
Find what has been changed and upload only changes

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!