if I have a string "#AAAA", when I use <c:url value="#AAAA" var="enc" />, the value of "enc" remains "#AAAA". When passed in the query string, the value gets ignored. <c:url> should follow the behavior of URLEncoder.encode(), which properly converts the unsafe characters
Walter, <c:url> has been spec'ed to only do URL rewriting. More specifically, the JSTL spec says: "The rewriting must be performed by calling method encodeURL() of the Servlet API." And the servlet spec does not make any provision to encode any special character. public String HttpServletResponse.encodeURL(String url) This method encodes (rewrites) the specified URL to include the session ID and returns the new URL, or, if encoding is not needed or not supported, it leaves the URL unchanged. The rules used to decide when and how to encode a URL are server-specific. All URLs emitted by a servlet should be run through this method. Note that this encodeURL( ) method could more properly have been named rewriteURL( ) so as not to be confused with the URL encoding process that encodes special characters in URL strings. The call to URLEncoder.encode() must be done explicitely. However, I do agree it would be convenient if <c:url> not only did the rewriting, but the encoding as well. Not clear to me why the Expert Group did not think of this at the time. I've submitted an RFE to the JSTL spec so it can be considerered. See: https://jstl-spec-public.dev.java.net/issues/show_bug.cgi?id=22 Thanks! -- Pierre