Un-escape JavaScript escaped value in Java

Question

In our web service we set a cookie through JavaScript wich we read again in Java (Servlet)

However we need to escape the value of the cookie because it may contain i

Answer 1

The most accurate way would be to Excecute javascript withing your java code. Hope the code below helps.

ScriptEngineManager factory = new ScriptEngineManager();
   ScriptEngine engine = factory.getEngineByName("JavaScript");
   ScriptContext context = engine.getContext();
   engine.eval("function decodeStr(encoded){"
             + "var result = unescape(encoded);"
             + "return result;"
             + "};",context);

     Invocable inv;   

    inv = (Invocable) engine;
    String res =  (String)inv.invokeFunction("decodeStr", new Object[]{cookie.getValue()});

Answer 2

Common lang's StringEscapeUtils didn't work for me.

You can simply use javascript nashorn engine to unescape a escaped javascript string.

private String decodeJavascriptString(final String encodedString) {
    ScriptEngine engine = new ScriptEngineManager().getEngineByName("nashorn");
    Invocable invocable = (Invocable) engine;
    String decodedString = encodedString;
    try {
        decodedString = (String) invocable.invokeFunction("unescape", encodedString);

    } catch (ScriptException e) {
        e.printStackTrace();
    } catch (NoSuchMethodException e) {
        e.printStackTrace();
    }

    return decodedString;
}

Answer 3

In java you got StringEscapeUtils from Commons Lang to escape/unescape.

In Javascript you escape through encodeURIComponent, but I think the Commons component I gave to you will satisfy your needs.

Answer 4

Client JavaScript/ECMAScript:

encodeURIComponent(cookie_value) // also encodes "+" and ";", see http://xkr.us/articles/javascript/encode-compare/

Server Java:

String cookie_value = java.net.URLDecoder.decode(cookie.getValue());

I'll add further discoveries to my blog entry.