Encoding content into a Hidden Field

P

Plinkerton

Hi folks,

I want to store some values I get using JavaScript/jQuery into a
Hidden Field so the Server can read it.

What are the limits of what I can put in a Hidden Field. Is anything/
everything ok as long as it gets some kind of HTML Encoding?

What can't put into a hidden field? Like for example, if I wanted to
use JavaScript to put a copy of the whole HTML document into a hidden
field is there any reason I can't do that? I'm curious what the
limits are.

Any help is much appreciated.
 
M

Martin Honnen

Plinkerton said:
I want to store some values I get using JavaScript/jQuery into a
Hidden Field so the Server can read it.

What are the limits of what I can put in a Hidden Field. Is anything/
everything ok as long as it gets some kind of HTML Encoding?

What can't put into a hidden field? Like for example, if I wanted to
use JavaScript to put a copy of the whole HTML document into a hidden
field is there any reason I can't do that? I'm curious what the
limits are.

Is a hidden field an <input type="hidden"> element? There are no limits
when the form is submitted with the POST method. With the GET method
there have been limits reported for browsers not managing URLs longer
than 2 KBytes I think but I haven't tested with current browsers.

And you don't need your script to encode the value you set, the browser
will do when it submits the form.
 
T

Thomas 'PointedEars' Lahn

Martin said:
[...] With the GET method there have been limits reported for browsers
not managing URLs longer than 2 KBytes I think but I haven't tested with
current browsers.

K(ibi)Byte is not an viable unit to measure URI length; although eventually
converted to ASCII characters by the UA according to RFC3986, an unescaped
(assigned) URI string may contain characters that require multi-byte
encoding, such as those from Unicode beyond code point U+0079.

As for current browsers, according to Microsoft the restriction of maximum
2083 characters per URI applies to Internet Explorer version 7 as well. I
don't know whether that applies to the escaped URI or the original unescaped
one.

http://support.microsoft.com/?scid=kb;en-us;208427&x=10&y=17
And you don't need your script to encode the value you set, the browser
will do when it submits the form.

Exactly.


PointedEars
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,904
Latest member
HealthyVisionsCBDPrice

Latest Threads

Top