Home

Adding Percent Esacpes With Cocoa

When passing data to a web site, especially via "GET" requests (e.g. calling + stringWithContentsOfURL:encoding:error:) it's important to ensure content is properly escaped. This is also true on the iPhone when you are attempting to use a "mailto:" URL to invoke the native e-mail client from your app.

One obvious way to do this is by calling NSString's "- (NSString *)stringByAddingPercentEscapesUsingEncoding:(NSStringEncoding)encoding" method. While this does a good job, it is not perfect and will miss things like "/", which may make some web services cry. The best way to do this encoding is to use:

CFStringRef CFURLCreateStringByAddingPercentEscapes (
   CFAllocatorRef allocator,
   CFStringRef originalString,
   CFStringRef charactersToLeaveUnescaped,
   CFStringRef legalURLCharactersToBeEscaped,
   CFStringEncoding encoding
);

This method lets you specify what you want encoded and what you want left raw. I threw together a really quick sample command line tool to show you the difference. Here are the salient lies:

NSString *url = @"<b>some HTML content</b> <a href=\"http://theresurgence.com/search/node/bible\">study materials</a>" ;

NSLog(@"Original text: [%@]", url) ;

NSLog(@"NSString percent escapes: [%@]",
      [ url stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding]) ;

NSLog(@"CFURL percent escapes: [%@]",
      CFURLCreateStringByAddingPercentEscapes(kCFAllocatorDefault,
          (CFStringRef)url, NULL, CFSTR("!*'();:@&=+$,/?%#[]"), kCFStringEncodingUTF8));

And, here is the output:

Original text: [<b>some HTML content</b> <a href="http://theresurgence.com/search/node/bible">study materials</a>]
NSString percent escapes: [%3Cb%3Esome%20HTML%20content%3C/b%3E%20%3Ca%20href=%22http://theresurgence.com/search/node/bible%22%3Estudy%20materials%3C/a%3E]
CFURL percent escapes: [%3Cb%3Esome%20HTML%20content%3C%2Fb%3E%20%3Ca%20href%3D%22http%3A%2F%2Ftheresurgence.com%2Fsearch%2Fnode%2Fbible%22%3Estudy%20materials%3C%2Fa%3E]

Big difference without tons of additional code. Plus, you can use CFURLCreateStringByReplacingPercentEscapesUsingEncoding just as easily to unescape any string.

PostCategoryIcon 2245 reads   | PostTagIcon Tags: 2009, cocoa, development, objective-c, os x, Programming
Post new comment
The content of this field is kept private and will not be shown publicly.
QR code for this URL
Search
About...
View Bob Rudis's profile on LinkedIn
My current resumes
My SecurityFocus.com articles
SANS Reading Room Articles
FedTech Magazine Articles
The Apple Blog Posts

Social Sphere


Is it birthday?










Add to Google Reader or Homepage

Subscribe in NewsGator Online
 Subscribe in a reader
Powered by FeedBurner


RDN Wx Cam
Recent comments
Reading Plan
more
Obama FAIL
more
Navigation
TwitPic
more
Syndicate
Syndicate content
Monitoring