1URI::Escape(3)        User Contributed Perl Documentation       URI::Escape(3)
2
3
4

NAME

6       URI::Escape - Percent-encode and percent-decode unsafe characters
7

SYNOPSIS

9        use URI::Escape;
10        $safe = uri_escape("10% is enough\n");
11        $verysafe = uri_escape("foo", "\0-\377");
12        $str  = uri_unescape($safe);
13

DESCRIPTION

15       This module provides functions to percent-encode and percent-decode URI
16       strings as defined by RFC 3986. Percent-encoding URI's is informally
17       called "URI escaping".  This is the terminology used by this module,
18       which predates the formalization of the terms by the RFC by several
19       years.
20
21       A URI consists of a restricted set of characters.  The restricted set
22       of characters consists of digits, letters, and a few graphic symbols
23       chosen from those common to most of the character encodings and input
24       facilities available to Internet users.  They are made up of the
25       "unreserved" and "reserved" character sets as defined in RFC 3986.
26
27          unreserved    = ALPHA / DIGIT / "-" / "." / "_" / "~"
28          reserved      = ":" / "/" / "?" / "#" / "[" / "]" / "@"
29                          "!" / "$" / "&" / "'" / "(" / ")"
30                        / "*" / "+" / "," / ";" / "="
31
32       In addition, any byte (octet) can be represented in a URI by an escape
33       sequence: a triplet consisting of the character "%" followed by two
34       hexadecimal digits.  A byte can also be represented directly by a
35       character, using the US-ASCII character for that octet.
36
37       Some of the characters are reserved for use as delimiters or as part of
38       certain URI components.  These must be escaped if they are to be
39       treated as ordinary data.  Read RFC 3986 for further details.
40
41       The functions provided (and exported by default) from this module are:
42
43       uri_escape( $string )
44       uri_escape( $string, $unsafe )
45           Replaces each unsafe character in the $string with the
46           corresponding escape sequence and returns the result.  The $string
47           argument should be a string of bytes.  The uri_escape() function
48           will croak if given a characters with code above 255.  Use
49           uri_escape_utf8() if you know you have such chars or/and want chars
50           in the 128 .. 255 range treated as UTF-8.
51
52           The uri_escape() function takes an optional second argument that
53           overrides the set of characters that are to be escaped.  The set is
54           specified as a string that can be used in a regular expression
55           character class (between [ ]).  E.g.:
56
57             "\x00-\x1f\x7f-\xff"          # all control and hi-bit characters
58             "a-z"                         # all lower case characters
59             "^A-Za-z"                     # everything not a letter
60
61           The default set of characters to be escaped is all those which are
62           not part of the "unreserved" character class shown above as well as
63           the reserved characters.  I.e. the default is:
64
65               "^A-Za-z0-9\-\._~"
66
67           The second argument can also be specified as a regular expression
68           object:
69
70             qr/[^A-Za-z]/
71
72           Any strings matched by this regular expression will have all of
73           their characters escaped.
74
75       uri_escape_utf8( $string )
76       uri_escape_utf8( $string, $unsafe )
77           Works like uri_escape(), but will encode chars as UTF-8 before
78           escaping them.  This makes this function able to deal with
79           characters with code above 255 in $string.  Note that chars in the
80           128 .. 255 range will be escaped differently by this function
81           compared to what uri_escape() would.  For chars in the 0 .. 127
82           range there is no difference.
83
84           Equivalent to:
85
86               utf8::encode($string);
87               my $uri = uri_escape($string);
88
89           Note: JavaScript has a function called escape() that produces the
90           sequence "%uXXXX" for chars in the 256 .. 65535 range.  This
91           function has really nothing to do with URI escaping but some folks
92           got confused since it "does the right thing" in the 0 .. 255 range.
93           Because of this you sometimes see "URIs" with these kind of
94           escapes.  The JavaScript encodeURIComponent() function is similar
95           to uri_escape_utf8().
96
97       uri_unescape($string,...)
98           Returns a string with each %XX sequence replaced with the actual
99           byte (octet).
100
101           This does the same as:
102
103              $string =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/eg;
104
105           but does not modify the string in-place as this RE would.  Using
106           the uri_unescape() function instead of the RE might make the code
107           look cleaner and is a few characters less to type.
108
109           In a simple benchmark test I did, calling the function (instead of
110           the inline RE above) if a few chars were unescaped was something
111           like 40% slower, and something like 700% slower if none were.  If
112           you are going to unescape a lot of times it might be a good idea to
113           inline the RE.
114
115           If the uri_unescape() function is passed multiple strings, then
116           each one is returned unescaped.
117
118       The module can also export the %escapes hash, which contains the
119       mapping from all 256 bytes to the corresponding escape codes.  Lookup
120       in this hash is faster than evaluating "sprintf("%%%02X", ord($byte))"
121       each time.
122

SEE ALSO

124       URI
125
127       Copyright 1995-2004 Gisle Aas.
128
129       This program is free software; you can redistribute it and/or modify it
130       under the same terms as Perl itself.
131
132
133
134perl v5.36.0                      2023-01-20                    URI::Escape(3)
Impressum