What does %5B and %5D in POST requests stand for?
JavaPostHttpwebrequestJava Problem Overview
I'm trying to write a Java class to log in to a certain website. The data sent in the POST request to log in is
user%5Blogin%5D=username&user%5Bpassword%5D=123456
I'm curious what the %5B and %5D means in the key user login.
How do I decode these data?
Java Solutions
Solution 1 - Java
As per this answer over here: str='foo%20%5B12%5D' encodes foo [12]:
%20 is space
%22 is quotes
%5B is '['
and %5D is ']'
This is called percent encoding and is used in encoding special characters in the url parameter values.
EDIT By the way as I was reading https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/encodeURI#Description, it just occurred to me why so many people make the same search. See the note on the bottom of the page:
> Also note that if one wishes to follow the more recent RFC3986 > for URL's, making square brackets reserved (for IPv6) and thus not > encoded when forming something which could be part of a URL (such as a > host), the following may help.
function fixedEncodeURI (str) {
return encodeURI(str).replace(/%5B/g, '[').replace(/%5D/g, ']');
}
Hopefully this will help people sort out their problems when they stumble upon this question.
Solution 2 - Java
They represent [ and ]. The encoding is called "URL encoding".
Solution 3 - Java
[] is replaced by %5B%5D at URL encoding time.
Solution 4 - Java
Well it's the usual url encoding
So they stand for [, respectively ]
Solution 5 - Java
To find out these values you can simply use Console in your browser and do the following
console.log(decodeURI('user%5Blogin%5D=username&user%5Bpassword%5D=123456'))
Solution 6 - Java
To take a quick look, you can percent-en/decode using this online tool.
Solution 7 - Java
The data would probably have been posted originally from a web form looking a bit like this (but probably much more complicated):
<form action="http://example.com" method="post">
User login <input name="user[login]" /><br />
User password <input name="user[password]" /><br />
<input type="submit" />
</form>
If the method were "get" instead of "post", clicking the submit button would take you to a URL looking a bit like this:
>http://example.com/?user%5Blogin%5D=username&user%5Bpassword%5D=123456
or:
>http://example.com/?user[login]=username&user[password]=123456
The web server on the other end will likely take the user[login] and user[password] parameters, and make them into a user object with login and password fields containing those values.
Solution 8 - Java
Not least important is why these symbols occur in url. See https://www.php.net/manual/en/function.parse-str.php#76792, specifically:
parse_str('foo[]=1&foo[]=2&foo[]=3', $bar);
the above produces:
$bar = ['foo' => ['1', '2', '3'] ];
and what is THE method to separate query vars in arrays (in php, at least).