1 /*
2 * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.net;
27
28 import java.io.UnsupportedEncodingException;
29 import java.io.CharArrayWriter;
30 import java.nio.charset.Charset;
31 import java.nio.charset.IllegalCharsetNameException;
32 import java.nio.charset.UnsupportedCharsetException ;
33 import java.util.BitSet;
34 import sun.security.action.GetPropertyAction;
35
36 /**
37 * Utility class for HTML form encoding. This class contains static methods
38 * for converting a String to the <CODE>application/x-www-form-urlencoded</CODE> MIME
39 * format. For more information about HTML form encoding, consult the HTML
40 * <A HREF="http://www.w3.org/TR/html4/">specification</A>.
41 *
42 * <p>
43 * When encoding a String, the following rules apply:
44 *
45 * <ul>
46 * <li>The alphanumeric characters "{@code a}" through
47 * "{@code z}", "{@code A}" through
48 * "{@code Z}" and "{@code 0}"
49 * through "{@code 9}" remain the same.
50 * <li>The special characters "{@code .}",
51 * "{@code -}", "{@code *}", and
52 * "{@code _}" remain the same.
53 * <li>The space character " " is
54 * converted into a plus sign "{@code +}".
55 * <li>All other characters are unsafe and are first converted into
56 * one or more bytes using some encoding scheme. Then each byte is
57 * represented by the 3-character string
58 * "<i>{@code %xy}</i>", where <i>xy</i> is the
59 * two-digit hexadecimal representation of the byte.
60 * The recommended encoding scheme to use is UTF-8. However,
61 * for compatibility reasons, if an encoding is not specified,
62 * then the default encoding of the platform is used.
63 * </ul>
64 *
65 * <p>
66 * For example using UTF-8 as the encoding scheme the string "The
67 * string ü@foo-bar" would get converted to
68 * "The+string+%C3%BC%40foo-bar" because in UTF-8 the character
69 * ü is encoded as two bytes C3 (hex) and BC (hex), and the
70 * character @ is encoded as one byte 40 (hex).
71 *
72 * @author Herb Jellinek
73 * @since 1.0
74 */
75 public class URLEncoder {
76 static BitSet dontNeedEncoding;
77 static final int caseDiff = ('a' - 'A');
78 static String dfltEncName = null;
79
80 static {
81
82 /* The list of characters that are not encoded has been
83 * determined as follows:
84 *
85 * RFC 2396 states:
86 * -----
87 * Data characters that are allowed in a URI but do not have a
88 * reserved purpose are called unreserved. These include upper
89 * and lower case letters, decimal digits, and a limited set of
90 * punctuation marks and symbols.
91 *
92 * unreserved = alphanum | mark
93 *
94 * mark = "-" | "_" | "." | "!" | "~" | "*" | "'" | "(" | ")"
95 *
96 * Unreserved characters can be escaped without changing the
97 * semantics of the URI, but this should not be done unless the
98 * URI is being used in a context that does not allow the
99 * unescaped character to appear.
100 * -----
101 *
102 * It appears that both Netscape and Internet Explorer escape
103 * all special characters from this list with the exception
104 * of "-", "_", ".", "*". While it is not clear why they are
105 * escaping the other characters, perhaps it is safest to
106 * assume that there might be contexts in which the others
107 * are unsafe if not escaped. Therefore, we will use the same
108 * list. It is also noteworthy that this is consistent with
109 * O'Reilly's "HTML: The Definitive Guide" (page 164).
110 *
111 * As a last note, Intenet Explorer does not encode the "@"
112 * character which is clearly not unreserved according to the
113 * RFC. We are being consistent with the RFC in this matter,
114 * as is Netscape.
115 *
116 */
117
118 dontNeedEncoding = new BitSet(256);
119 int i;
120 for (i = 'a'; i <= 'z'; i++) {
121 dontNeedEncoding.set(i);
122 }
123 for (i = 'A'; i <= 'Z'; i++) {
124 dontNeedEncoding.set(i);
125 }
126 for (i = '0'; i <= '9'; i++) {
127 dontNeedEncoding.set(i);
128 }
129 dontNeedEncoding.set(' '); /* encoding a space to a + is done
130 * in the encode() method */
131 dontNeedEncoding.set('-');
132 dontNeedEncoding.set('_');
133 dontNeedEncoding.set('.');
134 dontNeedEncoding.set('*');
135
136 dfltEncName = GetPropertyAction.privilegedGetProperty("file.encoding");
137 }
138
139 /**
140 * You can't call the constructor.
141 */
142 private URLEncoder() { }
143
144 /**
145 * Translates a string into {@code x-www-form-urlencoded}
146 * format. This method uses the platform's default encoding
147 * as the encoding scheme to obtain the bytes for unsafe characters.
148 *
149 * @param s {@code String} to be translated.
150 * @deprecated The resulting string may vary depending on the platform's
151 * default encoding. Instead, use the encode(String,String)
152 * method to specify the encoding.
153 * @return the translated {@code String}.
154 */
155 @Deprecated
156 public static String encode(String s) {
157
158 String str = null;
159
160 try {
161 str = encode(s, dfltEncName);
162 } catch (UnsupportedEncodingException e) {
163 // The system should always have the platform default
164 }
165
166 return str;
167 }
168
169 /**
170 * Translates a string into {@code application/x-www-form-urlencoded}
171 * format using a specific encoding scheme. This method uses the
172 * supplied encoding scheme to obtain the bytes for unsafe
173 * characters.
174 * <p>
175 * <em><strong>Note:</strong> The <a href=
176 * "http://www.w3.org/TR/html40/appendix/notes.html#non-ascii-chars">
177 * World Wide Web Consortium Recommendation</a> states that
178 * UTF-8 should be used. Not doing so may introduce
179 * incompatibilities.</em>
180 *
181 * @param s {@code String} to be translated.
182 * @param enc The name of a supported
183 * <a href="../lang/package-summary.html#charenc">character
184 * encoding</a>.
185 * @return the translated {@code String}.
186 * @exception UnsupportedEncodingException
187 * If the named encoding is not supported
188 * @see URLDecoder#decode(java.lang.String, java.lang.String)
189 * @since 1.4
190 */
191 public static String encode(String s, String enc)
192 throws UnsupportedEncodingException {
193
194 boolean needToChange = false;
195 StringBuilder out = new StringBuilder(s.length());
196 Charset charset;
197 CharArrayWriter charArrayWriter = new CharArrayWriter();
198
199 if (enc == null)
200 throw new NullPointerException("charsetName");
201
202 try {
203 charset = Charset.forName(enc);
204 } catch (IllegalCharsetNameException e) {
205 throw new UnsupportedEncodingException(enc);
206 } catch (UnsupportedCharsetException e) {
207 throw new UnsupportedEncodingException(enc);
208 }
209
210 for (int i = 0; i < s.length();) {
211 int c = (int) s.charAt(i);
212 //System.out.println("Examining character: " + c);
213 if (dontNeedEncoding.get(c)) {
214 if (c == ' ') {
215 c = '+';
216 needToChange = true;
217 }
218 //System.out.println("Storing: " + c);
219 out.append((char)c);
220 i++;
221 } else {
222 // convert to external encoding before hex conversion
223 do {
224 charArrayWriter.write(c);
225 /*
226 * If this character represents the start of a Unicode
227 * surrogate pair, then pass in two characters. It's not
228 * clear what should be done if a byte reserved in the
229 * surrogate pairs range occurs outside of a legal
230 * surrogate pair. For now, just treat it as if it were
231 * any other character.
232 */
233 if (c >= 0xD800 && c <= 0xDBFF) {
234 /*
235 System.out.println(Integer.toHexString(c)
236 + " is high surrogate");
237 */
238 if ( (i+1) < s.length()) {
239 int d = (int) s.charAt(i+1);
240 /*
241 System.out.println("\tExamining "
242 + Integer.toHexString(d));
243 */
244 if (d >= 0xDC00 && d <= 0xDFFF) {
245 /*
246 System.out.println("\t"
247 + Integer.toHexString(d)
248 + " is low surrogate");
249 */
250 charArrayWriter.write(d);
251 i++;
252 }
253 }
254 }
255 i++;
256 } while (i < s.length() && !dontNeedEncoding.get((c = (int) s.charAt(i))));
257
258 charArrayWriter.flush();
259 String str = new String(charArrayWriter.toCharArray());
260 byte[] ba = str.getBytes(charset);
261 for (int j = 0; j < ba.length; j++) {
262 out.append('%');
263 char ch = Character.forDigit((ba[j] >> 4) & 0xF, 16);
264 // converting to use uppercase letter as part of
265 // the hex value if ch is a letter.
266 if (Character.isLetter(ch)) {
267 ch -= caseDiff;
268 }
269 out.append(ch);
270 ch = Character.forDigit(ba[j] & 0xF, 16);
271 if (Character.isLetter(ch)) {
272 ch -= caseDiff;
273 }
274 out.append(ch);
275 }
276 charArrayWriter.reset();
277 needToChange = true;
278 }
279 }
280
281 return (needToChange? out.toString() : s);
282 }
283 }