Should I use encodeURI or encodeURIComponent for encoding URLs?

Should I use encodeURI or encodeURIComponent for encoding URLs?

Which of these two methods should be used for encoding URLs?

Solutions/Answers:

Solution 1:

It depends on what you are actually wanting to do.

encodeURI assumes that the input is a complete URI that might have some characters which need encoding in it.

encodeURIComponent will encode everything with special meaning, so you use it for components of URIs such as

var world = "A string with symbols & characters that have special meaning?";
var uri = 'http://example.com/foo?hello=' + encodeURIComponent(world);

Solution 2:

If you’re encoding a string to put in a URL component (a querystring parameter), you should call encodeURIComponent.

If you’re encoding an existing URL, call encodeURI.

Solution 3:

xkr.us has a great discussion, with examples. To quote their summary:

The escape() method does not encode the + character which is
interpreted as a space on the server side as well as generated by
forms with spaces in their fields. Due to this shortcoming and the
fact that this function fails to handle non-ASCII characters
correctly, you should avoid use of escape() whenever possible. The
best alternative is usually encodeURIComponent().

escape() will not encode: @*/+

Use of the encodeURI() method is a bit more specialized than escape()
in that it encodes for URIs as opposed to the querystring, which is
part of a URL. Use this method when you need to encode a string to be
used for any resource that uses URIs and needs certain characters to
remain un-encoded. Note that this method does not encode the ‘
character, as it is a valid character within URIs.

encodeURI() will not encode: ~!@#$&*()=:/,;?+’

Lastly, the encodeURIComponent() method should be used in most cases
when encoding a single component of a URI. This method will encode
certain chars that would normally be recognized as special chars for
URIs so that many components may be included. Note that this method
does not encode the ‘ character, as it is a valid character within
URIs.

encodeURIComponent() will not encode: ~!*()’

Solution 4:

encodeURIComponent() : assumes that its argument is a portion (such as the protocol, hostname, path, or query string)
of a URI. Therefore it escapes the punctuation characters that are used to separate the portionsof a URI.

encodeURI(): is used for encoding existing url

Solution 5:

Here is a summary.

  1. escape() will not encode @ * _ + – . /

    Do not use it.

  2. encodeURI() will not encode A-Z a-z 0-9 ; , / ? : @ & = + $ – _ . ! ~ * ‘ ( ) #

    Use it when your input is a complete URL like ‘https://searchexample.com/search?q=wiki

  3. encodeURIComponent() will not encode A-Z a-z 0-9 – _ . ! ~ * ‘ ( )
    Use it when your input is part of a complete URL
    e.g
    const queryStr = encodeURIComponent(someString)

Solution 6:

Difference between encodeURI and encodeURIComponent:

encodeURIComponent(value) is mainly used to encode queryString parameter values, and it encodes every applicable character in value. encodeURI ignores protocol prefix (http://) and domain name.


In very, very rare cases, when you want to implement manual encoding to encode additional characters (though they don’t need to be encoded in typical cases) like: ! * , then
you might use:

function fixedEncodeURIComponent(str) {
  return encodeURIComponent(str).replace(/[!*]/g, function(c) {
    return '%' + c.charCodeAt(0).toString(16);
  });
}

(source)

Related:  Using Node.js require vs. ES6 import/export