As per this answer over here: str='foo%20%5B12%5D' encodes foo [12]:
%20 is space
%22 is quotes
%5B is '['
and %5D is ']'
This is called percent encoding and is used in encoding special characters in the url parameter values.
EDIT By the way as I was reading https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/encodeURI#Description, it just occurred to me why so many people make the same search. See the note on the bottom of the page:
Also note that if one wishes to follow the more recent RFC3986 for URL's, making square brackets reserved (for IPv6) and thus not encoded when forming something which could be part of a URL (such as a host), the following may help.
function fixedEncodeURI (str) {
return encodeURI(str).replace(/%5B/g, '[').replace(/%5D/g, ']');
}
Hopefully this will help people sort out their problems when they stumble upon this question.
The data would probably have been posted originally from a web form looking a bit like this (but probably much more complicated):
<form action="http://example.com" method="post">
User login <input name="user[login]" /><br />
User password <input name="user[password]" /><br />
<input type="submit" />
</form>
If the method were "get" instead of "post", clicking the submit button would take you to a URL looking a bit like this:
http://example.com/?user%5Blogin%5D=username&user%5Bpassword%5D=123456
or:
http://example.com/?user[login]=username&user[password]=123456
The web server on the other end will likely take the user[login] and user[password] parameters, and make them into a user object with login and password fields containing those values.
Not least important is why these symbols occur in url. See https://www.php.net/manual/en/function.parse-str.php#76792, specifically:
parse_str('foo[]=1&foo[]=2&foo[]=3', $bar);
the above produces:
$bar = ['foo' => ['1', '2', '3'] ];
and what is THE method to separate query vars in arrays (in php, at least).
