refactor(encode/decode_url): replace decodeURI with unescape

[curbengh]

unescape() is a safer alternative that doesn't throw error when encounter malformed URI.

[SukkaW]

LGTM!

[coveralls]

Coverage increased (+0.1%) to 97.087% when pulling 4490790 on curbengh:unescape into c92c5e3 on hexojs:master.

[SukkaW]

I will update the highlight test cases in another PR.

[curbengh]

I will update the highlight test cases in another PR.

I'm doing it.

[SukkaW]

I will update the highlight test cases in another PR.

I'm doing it.

Ops, I have done it in #215.

[curbengh]

before merging this, let me benchmark it first.

[curbengh]

no regression when using unescape() because it defaults to decodeURIComponent(); it's slower when encountering invalid input because it still attempts to decode, whereas safeDecodeURI() simply returns the input.

const Benchmark = require('benchmark');
const Suite = new Benchmark.Suite;
const normal = 'http://example.com/foo-bar/'
const safe = 'http://example.com/%e6%97%a5%e6%9c%ac%e8%aa%9e%e3%83%86%e3%82%b9%e3%83%88/'
const unsafe = 'http://example.com/100%%e6%97%a5%e6%9c%ac%e8%aa%9e%e3%83%86%e3%82%b9%e3%83%88/'

const safeDecodeURI = str => {
  try {
    return decodeURI(str);
  } catch (err) {
    return str;
  }
};
const { unescape } = require('querystring');

Suite.add('normal - safedecodeuri', () => {
  safeDecodeURI(normal)
}).add('normal - unescape', () => {
  unescape(normal)
}).add('safe - safedecodeuri', () => {
  safeDecodeURI(safe)
}).add('safe - unescape', () => {
  unescape(safe)
}).add('unsafe - safedecodeuri', () => {
  safeDecodeURI(unsafe)
}).add('unsafe - unescape', () => {
  unescape(unsafe)
}).on('cycle', function(event) {
  console.info(String(event.target));
}).run();

$ node benchmark.js 
normal - safedecodeuri x 2,093,814 ops/sec ±0.77% (90 runs sampled)
normal - unescape x 2,115,907 ops/sec ±1.04% (93 runs sampled)
safe - safedecodeuri x 1,121,016 ops/sec ±1.23% (91 runs sampled)
safe - unescape x 1,130,716 ops/sec ±0.96% (95 runs sampled)
unsafe - safedecodeuri x 128,500 ops/sec ±0.85% (84 runs sampled)
unsafe - unescape x 99,811 ops/sec ±0.52% (93 runs sampled)

$ node benchmark.js 
normal - safedecodeuri x 1,924,865 ops/sec ±0.39% (89 runs sampled)
normal - unescape x 1,907,475 ops/sec ±1.98% (88 runs sampled)
safe - safedecodeuri x 1,073,136 ops/sec ±0.69% (92 runs sampled)
safe - unescape x 1,080,342 ops/sec ±0.41% (93 runs sampled)
unsafe - safedecodeuri x 127,551 ops/sec ±0.46% (91 runs sampled)
unsafe - unescape x 98,897 ops/sec ±0.82% (87 runs sampled)

$ node benchmark.js 
normal - safedecodeuri x 2,103,102 ops/sec ±0.78% (88 runs sampled)
normal - unescape x 2,117,408 ops/sec ±1.50% (92 runs sampled)
safe - safedecodeuri x 1,131,106 ops/sec ±1.38% (94 runs sampled)
safe - unescape x 1,137,913 ops/sec ±1.15% (91 runs sampled)
unsafe - safedecodeuri x 128,343 ops/sec ±1.37% (88 runs sampled)
unsafe - unescape x 101,167 ops/sec ±0.57% (66 runs sampled)

[SukkaW]

https://github.com/nodejs/node/blob/8ada27510dd5a2269dfc2af2777365be8b2d02ac/lib/querystring.js#L117-L123

It appears that Node.js is handling unsafe query string with try ... catch ... syntax as well, thus there will be no performance gained from this PR. However, I do agree utilizing the Node.js API.