passing "&" string to controller using get method - c#

I am trying to pass string via url GET parameters to my MVC controller. But the problem is whenever inside my string any "&" comes up its just getting skipped the text from there. The reason i found is on http get "&" is reserved for define new parameters. Is there any way to pass string smoothly?
http://localhost:60617/CategoryResearch/Result?page=1&keywords=Baby
Safety & Health
Example string is: "Baby Safety & Health"

You have to send the & encoded as this:
http://localhost:60617/CategoryResearch/Result?page=1&keywords=Baby Safety %26 Health
Here you have a complete reference on how to encode special characters:
https://www.w3schools.com/tags/ref_urlencode.asp

As mentioned in the comments, you need to UrlEncode your string before sending it. Take a look at HttpUtility.UrlEncode.
string keyWords = HttpUtility.UrlEncode("Baby Safety & Health");

Ampersand's are one of many characters that have a special meaning when your browser parses a URL. You can learn more about this from the wiki page.
In order to use these characters in a URL, the URL must be encoded. In C#, you can use UrlEncode to generate an encoded URL string.

Yes; that's correct.
You need to use JSON.stringify while placing the parameters. It will encode "&" and other special characters. For example,
data: {
emp_id: JSON.stringify(emp_id)
},

Related

Escape sequence in password - c#

I’m making a POST API call in C# using HttpWebRequest class. In the URL I do have password as query string. But the password has # in it which is getting truncated to vigne. Data after # are considered as Fragment which suppose not to happen, is there fix for it ?
Password example: vigne#ash#Test
URL = https://vigneashtesting.com/oauth/token?login_type=password&userid=vigneash&password=vigne#ash#Test;
You should never include passwords (or any other confidential) information in query strings because they are displayed in the browser.
If you want to include special characters in a query string then you need to use encodings. You can find the encodings here: https://www.w3schools.com/tags/ref_urlencode.asp.
You can also use Uri.EscapeDataString or System.Web.HttpUtility.UrlEncode to encode special characters. See the following answer for the differences between the two: https://stackoverflow.com/a/47877559/19214431.

ASP C#: Special characters: #, $, + cant pass trough URL parameter

I need to get file from virtual folders. I have GetDocumentPreview.aspx which can do it. The parameters are URL type. Below good one:
/GetDocumentPreview.aspx?name=filename&type=jpg
//But if I ask for file with #, &, + in name:
/GetDocumentPreview.aspx?name=&filename&type=jpg
/GetDocumentPreview.aspx?name=#filename&type=jpg
/GetDocumentPreview.aspx?name=+filename&type=jpg
I have no file, because of characters #, &, + (I've tested all characters).
How can I pass #, &, + to URL parameter. I need to use URL parameter because i call this class from Javascript hover tooltip with images.
You need to escape those special chars :
This function does it best :
Be careful , don't use UrlEncode
You should encode special characters if you're placing them into a URL.
You can use HttpServerUtility.UrlEncode on your string URL before placing it into the hyperlinks/buttons redirect location. An example would be:
string destinationURL = "http://www.contoso.com/default.aspx?user=specialCharacters";
NextPage.NavigateUrl = "~/Finish?url=" + Server.UrlEncode(destinationURL);
In your case, you should UrlEncode the filenames before placing them into the URL string, the special characters mentioned will be used as:
& = %26
+ = %2B
For more you can see here: http://msdn.microsoft.com/en-us/library/zttxte6w(v=vs.110).aspx
Use urlencoded value of these characters. A list can be found here -
http://www.w3schools.com/tags/ref_urlencode.asp
for example, & would be - %26.
So, /GetDocumentPreview.aspx?name=&filename&type=jpg would be - /GetDocumentPreview.aspx?name=%26filename&type=jpg

Request Object not picking up all characters

I am stumped on this scenario. Basically I have an URL that is passed to a aspx page and then I try to get query string from the URL, but what happens is when I try to get the query string from the URL it omits the '+' and replaces it with an whitespace.
My URL = http://localhost:3872/Test.aspx?mt=jan1TNIixxA1+8tl/0vLLg2PPGq0vMOLEhFQNuG4AJU12VMZpnWTrgar82K5UlXatQT9E9EAUet+q7rq7FoTJf+S2JnSbIptgJDY1EZwRPJDTROktfu5zy25oydmSHB6a4oZetV5mI3s+0R7vW8I0S9d765RHdYU2xkRuojHYZU=
Request["mt"] =jan1TNIixxA1 8tl/0vLLg2PPGq0vMOLEhFQNuG4AJU12VMZpnWTrgar82K5UlXatQT9E9EAUet q7rq7FoTJf S2JnSbIptgJDY1EZwRPJDTROktfu5zy25oydmSHB6a4oZetV5mI3s 0R7vW8I0S9d765RHdYU2xkRuojHYZU=
As you can see these two strings are different.
I thought it was the object to string conversion but this does not seem to be the case cause the value of the object has the omitted '+' before conversion.
What can be done to avoid this character replacement (I want to try and avoid string manipulation)
Also what could the cause of this be?
you are getting that because + is the url encoded representation of space " ". If you want to preseve the plus sign in your value you will need to url encode it:
Send that querystring in URL encoded formate and then you will get the expected result.
see: why Request.QueryString replace + with empty char in some cases?
You can use
MyUrl = MyUrl.Replace("+",#"%2B");
The problem is the '+' character is being converted to whitespace if you use httprequest. If you convert it to its hex value, you can pass it with no problem.
You should use HttpUtility.UrlEncode to generate you parameter value. Currently it seems you are using base64 encoding which is not optimal for query parameters.
Use this:
mt=encodeURIComponent(mt);//if mt be --> jan1TNIixxA1+8tl/0vLLg2PPGq0vMOLEhFQNuG4AJU12VMZpnWTrgar82K5UlXatQT9E9EAUet+q7rq7FoTJf+S2JnSbIptgJDY1EZwRPJDTROktfu5zy25oydmSHB6a4oZetV5mI3s+0R7vW8I0S9d765RHdYU2xkRuojHYZU=
Response.Redirect("Test.aspx?"+mt);
this will encode your URL and after this '+' will converted to "%2B" and if you want to read encoded URL it will not converted to space.
from here
If it is really so important to avoid changing the string when you send it, you could chanhe it AFTER you get ir from httprequest. Maybe you could use:
MyUrl = (Request["mt"].Replace(" ","+"));
There is no possibility to pass the space in url, so when you have a space, you can be sure that there was a '+' in there.
You can get the query string using following method
string strQuery = Request.Url.Query;

Plus sign in query string

I have a webapp created using C# and asp.net. I placed a parameter value in the querystring with a plus(+) sign. But the plus sign disappear.
How can I include the plus sign(+) in the query string without disappearing?
Please advise.
Thanks.
Edit: added code with UrlEncode
string str = Server.UrlEncode(Requery.QueryString["new"]);
+ sign has a semantic meaning in the query string. It is used to represent a space. Another character that has semantic importance in the query string is & which is used to separate the various var=value pairs in the query string.
Most server side scripts would decode the query parameters before using them, so that a + gets properly converted to a space. Now, if you want a literal + to be present in the query string, you need to specify %2B instead.
+ sign in the query string is URL-decoded to a space. %2B in the query string is URL-decoded to a + sign.
See the difference between
http://www.google.com/search?q=foo+bar
and
http://www.google.com/search?q=foo%2Bbar
In the above examples, Google's server script is URL-decoding the query parameters and then using them to do the search.
URL-encoding is nothing but % sign followed by the hex-code of the special character. For example, we know that the hex code of A is 0x41 (decimal: 65). Try this:
http://www.google.com/search?q=%41
Hope this makes URL-encoding clear.
So, if you want the + sign to be preserved when a JavaScript is fetching a URL with + signs in its query parameters and a server side script would process the query parameters after URL-decoding it, you should URL-encode the query parameters in the URL before using issuing the HTTP get request so that all + signs are converted to %2B's when the request reaches the server side script. Now when the server side script URL-decodes the query string, all %2B's gets converted back to + signs which is what you want.
See Encode URL in JavaScript? to learn how to URL-encode the parameters using JavaScript. Short answer from the discussion there:
var encodedURL = "http://example.com/foo.php?var=" + encodeURIComponent(param);
You should URLEncode your query string values to make sure any special characters are not lost.
Look at HTML URL Encoding Reference
You need to Encode the + sign - It's value should be %2B
I alter my previous statement so no one gets confused!
Create your url using the Server.UrlEncode.
e.g.
string myUrl = "http://myurl?param1=" + Server.UrlEncode("my+param+1");
For the solution, I have applied:
Step 1:Use Server.UrlEncode method for encoding the URL parameter.
Response.Redirect("YourURL?parameter=Server.UrlEncode(parameterValue.ToString().Trim()");
step 2: on another side, you get a string with a plus(+) sign.
var parameter = Request.QueryString["parameterValue"].ToString().Trim();
This is the result: %2beH8 --> +eH8
Other simple way is, Request.Url.ToString().Substring(Request.Url.ToString().IndexOf("=") + 1) assuming that my URL is, http://localhost/MyApp/Activate.aspx?ActivationCode=cHbtqH9P2dDZkx/mYUgFFo7nrNqSFgqdPisAzzu5/nwlEYDOHI+CQw==
before send you parameter, you need check if the parameter contains plus sign, if have you need replace to one flag, for example:
the parameter is: klasjdlkasd+djid3223
can you replace: klasjdlkasdFLAGdjid3223
and when you go convert, you need replace angain
klasjdlkasd+djid3223
Try this, it works for me:
Request.QueryString["new"].Trim();
The solution is to ALWAYS include .Replace(" ", "+") when you request querystring
string s = Request.QueryString["id"].Trim().Replace(" ", "+");
source: http://www.webmasterworld.com/forum47/3238.htm
Add this line in Decrypt Funcation:
strText = strText.Replace(" ", "+");

response redirect with '+'

when I write
Response.Redirect("Default2.aspx?Name=" + TextBox1.Text);
then
string input = Request.QueryString["Name"];
if I write yahoo+music in textbox
the input will be yahoo music why ? and how can I keep the '+' ?
+ is the encoding for space in query strings. To encode + you need to use %2b.
Try UrlEncode which should handle this for you.
A plus in the URL means a space. You should URL encode the value that you put in the URL:
Response.Redirect("Default2.aspx?Name=" + Server.UrlEncode(TextBox1.Text));
I've another way - although a little bit 'tricky' - to reach your goal by passing '+'(or any other special character) in query string
when you pass the query string you write like this:
Response.Redirect("Default.aspx?Name="+TextBox1.Text.Replace("+","_"));
then it will pass Default.aspx?Name=Yahoo_Music
and to request it, just replace again
string input = Request.QueryString["Name"].Replace("_","+");
input will be: Yahoo+Music.
although this way a little bit tricky but sometimes this way very helpful to pass special character in query string.
Thanks

Categories

Resources