OK, I’ve looked into this more, and it turns out there are several interesting/relevant things here:
- I stand by my recommendation — use
encodeURIComponent() to encode strings to be used as values for parameters in URLs, because it’s designed for that specific purpose and it will catch problematic characters like
'Straight single quotes
' don’t actually need escaping in URL strings and will have no adverse effect (even though the official standard, RFC 3986, lists them as reserved characters).
‘Curly single quotes
’, as with most other characters, should be escaped.
However, the root of your problem has nothing to do with any of this. The problem here is that the Quotes on Design API is returning strings that have already been optimized for HTML, meaning they contain HTML entities, including our friend
’ that’s causing you all this heartache.
Basically, you’ll need to find a way to unescape the HTML entities before encoding as a URI component. This should be elementary if you just want to deal with
’, and a little more involved if you want to catch every possible numerical entity.