The HTTP request which is passed to the analyzer program for parsing is in its escaped form. Reserved or excluded characters in the URL, or in form data in the message body, are presented as a %xx sequence, wherexx is the ASCII hexadecimal representation of the reserved character. The analyzer can pass the request in a 32K block of storage to subsequent processing stages in its escaped form, with the escape sequences still present, or in its unescaped form, with the escape sequences converted back to the original characters. Web-aware application programs using the EXEC CICS WEB API commands do not use this mechanism to receive the response, and they request unescaping directly from CICS®.
Web-aware application programs using the EXEC CICS WEB API commands do not use the COMMAREA mechanism to receive and send the response, and they request unescaping directly from CICS. For Web-aware applications that use the EXEC CICS WEB API commands, when you extract form data from a request using the WEB READ FORMFIELD command or form field browsing commands, CICS performs the unescaping, and the data is returned in its unescaped form. When you extract a query string from a request using the WEB EXTRACT command, the data is returned in its escaped form.
If you are writing an application with a COMMAREA interface that can be run either through CICS Web support or through the CICS business logic interface, ensure that WBRA_UNESCAPE is set to WBRA_UNESCAPE_NOT_REQUIRED, and that any unescaping is delegated to the application. If this is not done, the application is passed unescaped data by the CICS business logic interface, and escaped data by CICS Web support, which might cause unpredictable results.