Image Serving HTTP encoding

Command values must be http-encoded using %xx escape sequences, such that the value strings do not include the reserved characters ‘=’, ‘&’, and ‘%’.

Otherwise, standard HTTP encoding rules apply. The HTTP specification requires encoding of the unsafe characters, as well as any control characters, such as <return> and <tab>. URL encoding of a character consists of a “%” symbol, followed by the two-digit hexadecimal representation (case-insensitive) of the ISO-Latin code point for the character. The unsafe characters and code points are:

Unsafe character Code points (hex) Code points (dec)

Space

20

32

<

3C

60

>

3E

62

"

22

34

#

23

35

%

25

37

{

7B

123

}

7D

125

|

7C

124

\

5C

92

^

5E

94

~

7E

126

[

5B

91

]

5D

93

`

60

96

Reserved characters must also be encoded.

Reserved Character Code Points (Hex) Code Points (Dec)

$

24

36

&

26

38

+

2B

43

,

2C

44

/

2F

47

:

3A

58

;

3B

59

=

3D

61

?

3F

63

@

40

64

Example

…&$text=rate&weight=85% 27#&…

If obfuscation is not applied, the above request fragment must be encoded as follows:

…&$text=rate%26weight%3D85%25%2027%23&…

If obfuscation is applied, encoding can be limited to remove ‘=’, ‘&’, and ‘%’ characters:

…&$text=rate%26weight%3D85%25 27#&…

See also

Request Obfuscation, HTTP/1.1 Specification (RFC 2616)

On this page