I have a console application. I have to remove all the unwanted escape characters from an HTML query string. Here is my query string
string query="http://10.1.1.186:8085/PublicEye_common/Jurisdiction/Login.aspx?ReturnUrl=%2fPublicEye_common%2fJurisdiction%2fprint.html%3f%257B%2522__type%2522%253A%2522xPad.Reports.ReportDetail%2522%252C%2522ReportTitle%2522%253A%25221%2522%252C%2522ReportFooter%2522%253A%25221%2522%252C%2522ReportHeader%2522%253A%25221%2522%252C%2522CommonFields%2522%253A%255B%255D%252C%2522Sections%2522%253A%255B%257B%2522SectionTitle%2522%253A%2522Sections%2522%252C%2522ShowTitleSection%2522%253Atrue%252C%2522SubSections%2522%253A%255B%257B%2522SubSectionTitle%2522%253A%2522Sub%2520Section%2522%252C%2522ShowTitleSubSection%2522%253Atrue%252C%2522FormGroups%2522%253A%255B%257B%2522FormGroupTitle%2522%253A%2522Form%2520Groups%2522%252C%2522ShowTitleFormGroup%2522%253Atrue%252C%2522FormFields%2522%253A%255B%257B%2522FormFieldTitle%2522%253A%2522Form%2520Fields%2522%252C%2522FormFieldValue%2522%253A%252212%2522%257D%255D%257D%255D%257D%255D%257D%255D%257D&%7B%22__type%22%3A%22xPad.Reports.ReportDetail%22%2C%22ReportTitle%22%3A%221%22%2C%22ReportFooter%22%3A%221%22%2C%22ReportHeader%22%3A%221%22%2C%22CommonFields%22%3A%5B%5D%2C%22Sections%22%3A%5B%7B%22SectionTitle%22%3A%22Sections%22%2C%22ShowTitleSection%22%3Atrue%2C%22SubSections%22%3A%5B%7B%22SubSectionTitle%22%3A%22Sub%20Section%22%2C%22ShowTitleSubSection%22%3Atrue%2C%22FormGroups%22%3A%5B%7B%22FormGroupTitle%22%3A%22Form%20Groups%22%2C%22ShowTitleFormGroup%22%3Atrue%2C%22FormFields%22%3A%5B%7B%22FormFieldTitle%22%3A%22Form%20Fields%22%2C%22FormFieldValue%22%3A%2212%22%7D%5D%7D%5D%7D%5D%7D%5D%7D";
I tried the following:
string decode = System.Net.WebUtility.HtmlDecode(query);
string decode2 =System.Net.WebUtility.UrlDecode(query);
string decode3=System.Web.HttpServerUtility.UrlTokenDecode(query).ToString();
None will give me the best results.
This worked for me:
string decode = HttpUtility.UrlDecode(Uri.UnescapeDataString(query));
HttpUtility is in the namespace System.Web. you might need to add the reference.
Output:
http://10.1.1.186:8085/PublicEye_common/Jurisdiction/Login.aspx?ReturnUrl=/PublicEye_common/Jurisdiction/print.html?{"__type":"xPad.Reports.ReportDetail","ReportTitle":"1","ReportFooter":"1","ReportHeader":"1","CommonFields":[],"Sections":[{"SectionTitle":"Sections","ShowTitleSection":true,"SubSections":[{"SubSectionTitle":"Sub Section","ShowTitleSubSection":true,"FormGroups":[{"FormGroupTitle":"Form Groups","ShowTitleFormGroup":true,"FormFields":[{"FormFieldTitle":"Form Fields","FormFieldValue":"12"}]}]}]}]}&{"__type":"xPad.Reports.ReportDetail","ReportTitle":"1","ReportFooter":"1","ReportHeader":"1","CommonFields":[],"Sections":[{"SectionTitle":"Sections","ShowTitleSection":true,"SubSections":[{"SubSectionTitle":"Sub Section","ShowTitleSubSection":true,"FormGroups":[{"FormGroupTitle":"Form Groups","ShowTitleFormGroup":true,"FormFields":[{"FormFieldTitle":"Form Fields","FormFieldValue":"12"}]}]}]}]}
Panagiotis Kanavos has made a good point in the comments:
The querystring part contains an encoded URL parameter (ReturnUrl),
which means it had to be encoded as a data string in the first place.
That's a stricter encoding that UrlEncoding
Related
I’m making a POST API call in C# using HttpWebRequest class. In the URL I do have password as query string. But the password has # in it which is getting truncated to vigne. Data after # are considered as Fragment which suppose not to happen, is there fix for it ?
Password example: vigne#ash#Test
URL = https://vigneashtesting.com/oauth/token?login_type=password&userid=vigneash&password=vigne#ash#Test;
You should never include passwords (or any other confidential) information in query strings because they are displayed in the browser.
If you want to include special characters in a query string then you need to use encodings. You can find the encodings here: https://www.w3schools.com/tags/ref_urlencode.asp.
You can also use Uri.EscapeDataString or System.Web.HttpUtility.UrlEncode to encode special characters. See the following answer for the differences between the two: https://stackoverflow.com/a/47877559/19214431.
I'm using AES encryption for the values of a URL. I've sampled it here with only one parameter to demonstrate the problem:
http://localhost:12345/pagename?id=ha3bEv8A%2ffs0goPGeO6NPQ%3d%3d
Request.QueryString["id"] returns "ha3bev8a/fs0gopgeo6npq==" which clearly does not match the value of the encrypted ID. Is something tripping up QueryString?
You are getting a URL-encoded query string, which Request.QueryString["id"] seems to decode for you. You could always just re-encode it:
string decodedId = Request.QueryString["id"];
string reEncodedId = HttpUtility.UrlEncode(decodedId);
The value you are seeing is in fact correct. What might be confusing you, is in the way it is presented. The id value in the URL is encoded in URL Encoding.
Some characters have to be encoded in the URL String in a different way, as they are special characters that sometimes can mess up the way the string is interpreted if they aren't encoded properly.
For example, in the query string you provided:
http://localhost:12345/pagename?id=ha3bEv8A%2ffs0goPGeO6NPQ%3d%3d
The %2f characters are a way to encode the '/' character, while %3d is a way to encode the '=' character.
When you get the value by getting Request.QueryString["id"] , it is decoding it back from an URL Encoded string to raw text.
Check this page for more reference.
https://www.w3schools.com/tags/ref_urlencode.asp
I am stumped on this scenario. Basically I have an URL that is passed to a aspx page and then I try to get query string from the URL, but what happens is when I try to get the query string from the URL it omits the '+' and replaces it with an whitespace.
My URL = http://localhost:3872/Test.aspx?mt=jan1TNIixxA1+8tl/0vLLg2PPGq0vMOLEhFQNuG4AJU12VMZpnWTrgar82K5UlXatQT9E9EAUet+q7rq7FoTJf+S2JnSbIptgJDY1EZwRPJDTROktfu5zy25oydmSHB6a4oZetV5mI3s+0R7vW8I0S9d765RHdYU2xkRuojHYZU=
Request["mt"] =jan1TNIixxA1 8tl/0vLLg2PPGq0vMOLEhFQNuG4AJU12VMZpnWTrgar82K5UlXatQT9E9EAUet q7rq7FoTJf S2JnSbIptgJDY1EZwRPJDTROktfu5zy25oydmSHB6a4oZetV5mI3s 0R7vW8I0S9d765RHdYU2xkRuojHYZU=
As you can see these two strings are different.
I thought it was the object to string conversion but this does not seem to be the case cause the value of the object has the omitted '+' before conversion.
What can be done to avoid this character replacement (I want to try and avoid string manipulation)
Also what could the cause of this be?
you are getting that because + is the url encoded representation of space " ". If you want to preseve the plus sign in your value you will need to url encode it:
Send that querystring in URL encoded formate and then you will get the expected result.
see: why Request.QueryString replace + with empty char in some cases?
You can use
MyUrl = MyUrl.Replace("+",#"%2B");
The problem is the '+' character is being converted to whitespace if you use httprequest. If you convert it to its hex value, you can pass it with no problem.
You should use HttpUtility.UrlEncode to generate you parameter value. Currently it seems you are using base64 encoding which is not optimal for query parameters.
Use this:
mt=encodeURIComponent(mt);//if mt be --> jan1TNIixxA1+8tl/0vLLg2PPGq0vMOLEhFQNuG4AJU12VMZpnWTrgar82K5UlXatQT9E9EAUet+q7rq7FoTJf+S2JnSbIptgJDY1EZwRPJDTROktfu5zy25oydmSHB6a4oZetV5mI3s+0R7vW8I0S9d765RHdYU2xkRuojHYZU=
Response.Redirect("Test.aspx?"+mt);
this will encode your URL and after this '+' will converted to "%2B" and if you want to read encoded URL it will not converted to space.
from here
If it is really so important to avoid changing the string when you send it, you could chanhe it AFTER you get ir from httprequest. Maybe you could use:
MyUrl = (Request["mt"].Replace(" ","+"));
There is no possibility to pass the space in url, so when you have a space, you can be sure that there was a '+' in there.
You can get the query string using following method
string strQuery = Request.Url.Query;
Google chrome automatically converts unicode strings in URL to something like this;
?querystring=مقالات
?querystring=%D9%85%D9%82%D8%A7%D9%84%D8%A7%D8%AA
My question is how to decode the encoded text in the codes for example for a comparing purpose?
if (Request.Url.Query == "?querystring=مقالات")
//do something
Check these out :)
Console.WriteLine(System.Web.HttpUtility.UrlDecode("http://www.google.com/search?q=مقالات"));
Console.WriteLine(System.Web.HttpUtility.UrlEncode("http://www.google.com/search?q=%D9%85%D9%82%D8%A7%D9%84%D8%A7%D8%AA"));
URL encoding ensures that all browsers will correctly transmit text in URL strings.
Characters such as a question mark (?), ampersand (&), slash mark (/), and spaces might be truncated or corrupted by some browsers. As a result, these characters must be encoded in tags or in query strings where the strings can be re-sent by a browser in a request string.
UrlDecode is a convenient way to access the HttpUtility.UrlDecode method at run time from an ASP.NET application. Internally, UrlDecode uses HttpUtility.UrlDecode to decode strings.
The following example decodes the string named EncodedString (received in a URL) into the string named DecodedString :
String DecodedString = Server.UrlDecode(EncodedString);
I have a query string which contains the character §, for example /search?q=5§2. This should be encoded as /search?q=5%c2%a72, but HttpContext.Current.Request.QueryString.ToString() gives me q=5%u00a72. For some reason the %c2 is lost.
Encoding is ok, you can read more details here http://en.wikipedia.org/wiki/Percent-encoding ("Non-standard implementations" part)
To not think about it you can just use HttpUtility.UrlDecode() to obtain real q=5§2 string regardless used encoding.