I’m making a POST API call in C# using HttpWebRequest class. In the URL I do have password as query string. But the password has # in it which is getting truncated to vigne. Data after # are considered as Fragment which suppose not to happen, is there fix for it ?
Password example: vigne#ash#Test
URL = https://vigneashtesting.com/oauth/token?login_type=password&userid=vigneash&password=vigne#ash#Test;
You should never include passwords (or any other confidential) information in query strings because they are displayed in the browser.
If you want to include special characters in a query string then you need to use encodings. You can find the encodings here: https://www.w3schools.com/tags/ref_urlencode.asp.
You can also use Uri.EscapeDataString or System.Web.HttpUtility.UrlEncode to encode special characters. See the following answer for the differences between the two: https://stackoverflow.com/a/47877559/19214431.
Related
In my application user can change the query string value, for one of the key we are supporting all the special characters.
when i read the query string using below code
Request.QueryString["key"]
all the characters after # is getting trimmed.
we cannot support all the special characters ? Is there any alternatives ?
Thanks
The hash part of the url or fragment identifier is only available client side and as such will not be sent to the server. If you wish to send across the hash character you need to encode it which is %23.
Replace your hash sign with %23
This is just encoding the hash sign.
Is it Required to use '?' sign for query string in Asp.net with C# ?
and can its possible to convert my query string
www.xyz.com/test.aspx?name=rajeev
to
www.xyz.com/rajeev or www.xyz.com/name=rajeev
?name=rajeev is a query string. If you don't use a ? it's not a query string.
/name/rajeev isn't a query string, but it's a path (see ASP.NET routing or IIS URL rewrite module).
/name=rajeev is just a path with a custom way to specify name's value. I would avoid this: you're going to avoid a lot of issues if you choose one of two approaches above.
Also check what saids the URI standard RFC 3986:
[...] The query component is indicated by the first question mark ("?") character and terminated by a number sign ("#") character or by the end of the URI.
That is ? character isn't an ASP.NET requirement if you want to use query strings in your URLs, but it's the standard across all plataforms and languages.
For converting the url www.xyz.com/test.aspx?name=rajeev to www.xyz.com/rajeev
This can be done by Creating Rewrite Rules for the URL Rewrite Module in IIS.
Please read this link.
I created a sql table with a field in "latin_swedish_ci" and downloaded a lot of data in this field. But a lot of special foreign characters have automatically converted in something very difficult to use.
For example I have those east-europe characters :
ō
ą
ł
š
Problem is those characters are part of a url and .net does not automatically convert into "real characters". For example when I use with webclient the real url isn't reached.
Is there a way to directly convert those characters code into the real characters in the db.
Or at least a way to turn them for use in the webclient DownloadString function ?
Those codes looks like special html characters. Have a look here and check if you get the right character out of the code. If so at the bottom of the post there are some hint about how to use code for conversion.
You can also look at these SO answers to get some more examples:
Answer 1
Answer 2
this may be a silly question, but it trips me up every time.
HttpUtility has the methods HtmlDecode and UrlDecode. Do these two methods decode anything (Html/Http related) I might find? When do I have to use them, and which one am I supposed to use?
Just now I hit an error. This is my error log:
Payment receiver was not payment#mysite.com. (it was payment%40mysite.com).
But, I wrapped the email address here in HttpUtility.HtmlDecode before using it. It turns out I have to use .UrlDecode instead, but this email address didn't come from a URL so this wasn't obvious to me.
Can someone clarify this?
See What is meant by htmlencode and urlencode?
It's the reverse of your case, but essentially you need to use UrlEncode/Decode anytime you are using an address of sorts (urls and yes, email addresses). HtmlEncode/Decode is for code that typically a browser would render (html/xml tags).
This same encoding is also used in Form POST requests as well.
My guess is something read it 'naked' without decoding it.
Html Encoding/Decoding is only used to escape strings that contain characters that would otherwise be interpreted as html control characters. The process turns the characters into html entities and back again.
Url Encoding is to get around the fact that many characters are not allowed in Uris; or because they too could be misinterpreted. Thus the percent encoding is used.
Percent encoding is also used in the body of http requests.
In both cases, of course, it's also a way of expressing a specific character code in a request/response independent of character sets; but equally, interpreting what is meant by a particular code can also be dependent on knowing a particular character set. Generally you don't worry about that - but it can be important (especially in the HTML case).
URLEncode converts characters that aren't allowed in a URL into character equivalents which are parsable as a URL. In your example # became %40. URLDecode reverses this.
HTMLEncode is similar to URLEncode, but the target environment is text NESTED inside of HTML. This helps the browser from interpereting your content as HTML, but when rendered it should look like the decoded version. HTMLDecode reverses this.
When you see %xx this means percent encoding has occured - this is a URL encoding scheme, so you need to use UrlEncode / UrlDecode.
The HtmlEncode and HtmlDecode methods are for encoding and decoding elements for HTML display - so things like & get encoded to & and > to >.
I have a situation where the user is able to enter any characters they want in a URL query string.
Example:
http://localhost/default.aspx?ID=a‡jljglkjg
How can I accept special characters such as ‡, ˆ, and † in asp.net from a URL query string? I am finding that when I attempt to retrieve these URL query string these special characters gets replaced with a “?”.
Note: The user inputs these query string into the URL.
This URL is wrong according to RFC.
If they are using browser, it would normally do the ecndoing required.
If it is done by JavaScript, use encodeURIcomponent
If it is a C# app, using HttpUtility.UrlEncode here
URLs can only be sent over the Internet using the ASCII character-set.
Those characters will always be excluded, you need to find another way to do it.
See http://www.w3schools.com/tags/ref_urlencode.asp for more information about valid URLs and encoding special characters.