TWiki » TWikiVariables » VarURLPARAM

URLPARAM{"name"} -- get value of a URL parameter

  • Returns the value of a URL parameter.
  • Syntax: %URLPARAM{"name"}%
  • Supported parameters:
Parameter: Description: Default:
"name" The name of a URL parameter required
newline="$br" Convert newlines in textarea to other delimiters. Variables $br (for <br /> tag), $n (for newline) are expanded. Other text is encoded based on encode parameter. no conversion
encode="off" Turn off encoding. See important security note below encode="safe"
encode="quote" Escape double quotes with backslashes (\"), does not change other characters; required when feeding URL parameters into other TWiki variables. This encoding does not protect against cross-site scripting. encode="safe"
encode="moderate" Encode special characters into HTML entities for moderate cross-site scripting protection: "<", ">", single quote (') and double quote (") are encoded. Useful to allow TWiki variables in comment boxes. encode="safe"
encode="safe" Encode special characters into HTML entities for cross-site scripting protection: "<", ">", "%", single quote (') and double quote (") are encoded. (this is the default)
encode="entity" Encode special characters into HTML entities. See ENCODE for details. encode="safe"
encode="html" Encode special characters into HTML entities. In addition to encode="entity", it also encodes space, newline (\n) and linefeed (\r). Useful to encode text properly in HTML input fields. encode="safe"
encode="url" Encode special characters for URL parameter use, like a double quote into %22 encode="safe"
multiple="on"
multiple="[[$item]]" 		If set, gets all selected elements of a <select multiple="multiple"> tag. A format can be specified, with $item indicating the element, e.g. multiple="Option: $item" first element
separator=", " Separator between multiple selections. Only relevant if multiple is specified "\n" (newline)
format="..." Format the result. $value expands to the URL parameter. If multiple is specified, $value expands to the result of the concatenated items. "$value"
default="..." Default value in case parameter is empty or missing. The format parameter is not applied. empty string
  • Example: %URLPARAM{"skin"}% returns print for a .../view/TWiki/VarURLPARAM?skin=print URL
  • ALERT! Notes:
    • IMPORTANT: There is a risk that this variable can be misused for cross-site scripting (XSS) if the encoding is turned off. The encode="safe" is the default, it provides a safe middle ground. The encode="entity" is more aggressive, but some TWiki applications might not work.
    • URL parameters passed into HTML form fields should be encoded as "html".
      Example: <input type="text" name="address" value="%URLPARAM{ "address" encode="html" }%" />
    • Double quotes in URL parameters must be escaped when passed into other TWiki variables.
      Example: %SEARCH{ "%URLPARAM{ "search" encode="quotes" }%" noheader="on" }%
    • When used in a template topic, this variable will be expanded when the template is used to create a new topic. See TWikiTemplates#TemplateTopicsVars for details.
    • Watch out for TWiki internal parameters, such as rev, skin, template, topic, web; they have a special meaning in TWiki. Common parameters and view script specific parameters are documented at TWikiScripts.
    • If you have %URLPARAM{ in the value of a URL parameter, it will be modified to %<nop>URLPARAM{. This is to prevent an infinite loop during expansion.
  • Category: DevelopmentVariables, SystemInformationVariables
  • Related: ENCODE, ENTITY, SEARCH, FormattedSearch, QUERYSTRING
r9 - 15 Nov 2012 - 07:16:51 - TWikiContributor
 
Linux & Open Source for AT91 Microchip Microprocessors

Print

Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.

Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.

Microchip and others, are registered trademarks or trademarks of Microchip Technology Inc. and its subsidiaries. This site is powered by the TWiki collaboration platform

Arm® and others are registered trademarks or trademarks of Arm Limited (or its affiliates). Other terms and product names may be trademarks of others.

Ideas, requests, contributions ? Connect to LinksToCommunities page.

Syndicate this siteRSS ATOM