82
seCure develoPment For mobIle APPs
URL Encoding Sending a URL with embedded spaces can cause the URL to be
truncated and the intended URL to not be reached. It is important to make sure that
URLs are properly encoded so that spaces are converted to the proper entity, preserv-
ing the full URL.
With PHP, there are two choices of encoding. Spaces can be converted to a plus
sign, ‘+’, or to ‘%20’.
urlencode()/rawurlencode() Example e first example shows the effect of
urlencode() to encode spaces as +.
$u rl = "https://www.security.com/index.php?file = learning
security";
$encodedURL = urlencode($url);
echo $encodedUrl;
OUTPUTS:
https%3A%2F%2Fwww.security.com%2Findex.php%3Ffile%3Dlearning+security
echo urldecode($encodedUrl);
OUTPUTS:
https://www.security.com/index.php?file ...