urlencode passwords with XMLAPI createacct?

coppershadow

Member
Aug 29, 2007
15
0
51
I'm assuming I should url encode the XMLAPI createacct password parameter. Is this correct? The online docs don't make mention of it.

For example, what if someone uses a space character, plus sign or ampersand in their password? At this point I think it might be simpler on my part to restrict the character set as part of my form processing prior to calling the API. I'd like to hear what others have done.

Thanks,
Brian
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,212
13
313
Houston, TX
cPanel Access Level
Root Administrator
I'm assuming I should url encode the XMLAPI createacct password parameter. Is this correct? The online docs don't make mention of it.

For example, what if someone uses a space character, plus sign or ampersand in their password? At this point I think it might be simpler on my part to restrict the character set as part of my form processing prior to calling the API. I'd like to hear what others have done.

Thanks,
Brian
You do not need to encode parameters to API function calls. If you are using the APIs over HTTPS, all data is encrypted anyway - and if you are calling them locally, there's typically no significant risk of sniffing.