Try going into your browser console and typing:
window.location = 'http://causes.com/?a=true¬_a=false'
Now look at your address bar. What you see depends on which browser you're using.
Chrome, Firefox: http://www.causes.com/?a=true¬_a=false
Internet Explorer: http://www.causes.com/?a=true¬_a=false
Turns out that ¬
is an HTML entity. Internet Explorer tries to decode HTML entities in a URL assigned by a script, even if that script is external and not actually in an HTML document. Even if the URL is generated dynamically, or typed into a developer console. It doesn't happen if you manually type a URL into the address bar. Also, it's imprecise. If it sees ¬_
, it thinks yeah, close enough, you probably meant for that underscore to be a semicolon.
The implication is that whenever you name a query string parameter, you should check a list of HTML entities and make sure that you don't choose a name with a prefix matching one of the 253 HTML entities in existence. Testing in IE is not sufficient -- even if it works now, maybe that's because it's the first query string parameter (?not_a=
) and will break later when someone adds another parameter before this one (so it becomes ¬_a=
).
Yes, this sounds crazy. Please tell me that I'm missing something. Tested on Internet Explorer versions 8, 9, and 10.
Got a similar problem and found a solution at StackOverflow:
http://stackoverflow.com/questions/42893076/internet-explorer-html-entities-in-url