Encoding of macro contents

Some macro content contains user-provided data such as the requested URI or the Referer header of that request. It is important for security reasons to ensure that reserved, or special characters in client-supplied data are encoded.

WebSEAL URI encodes macro contents to ensure the content does not return reserved, or special characters back to the client. URI encoding is an international standard that allows us to map the wide range of characters used worldwide into the limited character-set used by a URI.

Notes on encoding macro contents:

• WebSEAL always applies URI encoding to macro contents, even if the original data has already been encoded.
• Encoded macro contents must be decoded using standard URI decoding rules.
• URI encoding increases the string length of macro content, and therefore the Location header (where the content is embedded in the query string). For a discussion of Location header length issues, see Macro content length considerations.

Parent topic: Macro support for local response redirection