Which characters are allowed in GET parameters without encoding or escaping them? I mean something like this:
http://www.example.org/page.php?name=XYZ
What can you have there instead of XYZ? I think only the following characters:
Is this the full list or are there additional characters allowed?
I hope you can help me. Thanks in advance!
There are reserved characters, that have a reserved meanings, those are delimiters — :/?#[]@
— and subdelimiters — !$&'()*+,;=
There is also a set of characters called unreserved characters — alphanumerics and -._~
— which are not to be encoded.
That means, that anything that doesn't belong to unreserved characters set is supposed to be %-encoded, when they do not have special meaning (e.g. when passed as a part of GET
parameter).
See also RFC3986: Uniform Resource Identifier (URI): Generic Syntax