I have a situation where the user is able to enter any characters they want in a URL query string.
Example:
http://localhost/default.aspx?ID=a‡jljglkjg
How can I accept special characters such as ‡, ˆ, and † in asp.net from a URL query string? I am finding that when I attempt to retrieve these URL query string these special characters gets replaced with a “?”.
Note: The user inputs these query string into the URL.
This URL is wrong according to RFC.
If they are using browser, it would normally do the ecndoing required.
If it is done by JavaScript, use encodeURIcomponent
If it is a C# app, using HttpUtility.UrlEncode here
URLs can only be sent over the Internet using the ASCII character-set.
Those characters will always be excluded, you need to find another way to do it.
See http://www.w3schools.com/tags/ref_urlencode.asp for more information about valid URLs and encoding special characters.
Related
I’m making a POST API call in C# using HttpWebRequest class. In the URL I do have password as query string. But the password has # in it which is getting truncated to vigne. Data after # are considered as Fragment which suppose not to happen, is there fix for it ?
Password example: vigne#ash#Test
URL = https://vigneashtesting.com/oauth/token?login_type=password&userid=vigneash&password=vigne#ash#Test;
You should never include passwords (or any other confidential) information in query strings because they are displayed in the browser.
If you want to include special characters in a query string then you need to use encodings. You can find the encodings here: https://www.w3schools.com/tags/ref_urlencode.asp.
You can also use Uri.EscapeDataString or System.Web.HttpUtility.UrlEncode to encode special characters. See the following answer for the differences between the two: https://stackoverflow.com/a/47877559/19214431.
In my application user can change the query string value, for one of the key we are supporting all the special characters.
when i read the query string using below code
Request.QueryString["key"]
all the characters after # is getting trimmed.
we cannot support all the special characters ? Is there any alternatives ?
Thanks
The hash part of the url or fragment identifier is only available client side and as such will not be sent to the server. If you wish to send across the hash character you need to encode it which is %23.
Replace your hash sign with %23
This is just encoding the hash sign.
Is it Required to use '?' sign for query string in Asp.net with C# ?
and can its possible to convert my query string
www.xyz.com/test.aspx?name=rajeev
to
www.xyz.com/rajeev or www.xyz.com/name=rajeev
?name=rajeev is a query string. If you don't use a ? it's not a query string.
/name/rajeev isn't a query string, but it's a path (see ASP.NET routing or IIS URL rewrite module).
/name=rajeev is just a path with a custom way to specify name's value. I would avoid this: you're going to avoid a lot of issues if you choose one of two approaches above.
Also check what saids the URI standard RFC 3986:
[...] The query component is indicated by the first question mark ("?") character and terminated by a number sign ("#") character or by the end of the URI.
That is ? character isn't an ASP.NET requirement if you want to use query strings in your URLs, but it's the standard across all plataforms and languages.
For converting the url www.xyz.com/test.aspx?name=rajeev to www.xyz.com/rajeev
This can be done by Creating Rewrite Rules for the URL Rewrite Module in IIS.
Please read this link.
My web program is getting an error when trying to access a file in a code behind C# program that has a backward slash between the directory name and the file name. The address for the file comes into my web page with a query value of 'deaths\bakerd.htm'. The browser, however, converts it to 'deaths%08akerd.htm'.
The url in the webpage reads
'http://localhost:57602/obitm.aspx?url=deaths%08akerd.htm'
and says the web page cannot be found but the webpage obitm.aspx does exist so why would it say it doesn't?
If I manually change the value of the query value in Windows Explorer to 'deaths/bakerd.htm' it doesn't do any conversion when coming in as a query value in the browser and I am able to access the file in my C# program.
I tried to change the query value in javascript using
thisurl = url.replace("\\", "/")
but that didn't change anything.
I haven't tried any conversion in my C# program. So how do I programmatically change the '\' to a '/'? I have no idea why this is happening and is very confusing. Any help is appreciated.
Just Converting \ to / in the URL string won't work for you, because in this case the "\b" is being turned into the backspace character which gets encoded into %08 - which is the HEX value for the ASCII equivalent of the backspace character.
To fix this one occurrence, you could convert the "%08" into the string "/B" but there are lots of HTML codes for the various characters that it would not be productive or fun for you to try.
Where are you getting the original string containing the file name name from?
If it is something that you have control over then convert the "\" to "/" at the point when you read the path / name of the file and before you pass it in a URL to the Web App.
you could also HTMLEncode the path before sending it so that the string becomes
http://localhost:57602/obitm.aspx?url=deaths%92Bakerd.htm'
Try using verbatim string by prefixing with # symbol
string url = #"http://localhost:57602/obitm.aspx?url=deaths\bakerd.htm".Replace("\\","/").ToString();
try thisurl = url.Replace("\\", "/");
Just like in javascript.
To parse query string parameter, you can user:
NameValueCollection qscoll = HttpUtility.ParseQueryString(querystring);
Here us MSDN help
or you can:
HttpUtility.UrlEncode(Request.QueryString["url"]);
I am creating a link that creates URL parameters that contains links with URL parameters.
The issue is that I have a link like this
http://mydomain/_layouts/test/MyLinksEdit.aspx?auto=true&source=
http://vtss-sp2010hh:8088/AdminReports/helloworld.aspx?pdfid=193
&url=http://vtss-sp2010hh:8088/AdminReports/helloworld.aspx?pdfid=193%26pdfname=5.6%20Upgrade
&title=5.6 Upgrade
This link goes to a bookmark adding page where it reads these parameters.
auto is wheather to read the following parameters or not
source is where to go after you finish adding or cancelling
url is the bookmark link
title is the name of the bookmark
The values of url and title get entered into 2 fields. Then the user has to click save or cancel.
The problem is when the bookmark page enters the values into the field, it will decode them.
Then if you try to save, it will won't let you save because the pdfname value in the url value has a space in it. It needs the link to not have any spaces. So basically, I want it so that after it enters it in the field, it will still be a %20 instead of a space.
There isn't a problem with source, auto, or title, just the url...
Is there a way to solve this? Like maybe a special escape character I can use for the %20?
Note: I cannot modify the bookmark page.
I am using c#/asp.net to create the link and go to it.
Thanks
Since .NET Framework 4.5 you can use WebUtility.UrlEncode.
It resides in System.dll, so it does not require any additional references.
It properly escapes characters for URLs, unlike Uri.EscapeUriString
It does not have any limits on the length of the string, unlike Uri.EscapeDataString, so it can be used for POST requests
System.Net.WebUtility.UrlEncode(urlText)
Another option is
System.Uri.EscapeDataString()
Uri.EscapeDataString() and Uri.UnescapeDataString() are safe comparing to UrlEncode/UrlDecode methods and does not convert plus characters into spaces when decoding.
Some details from another user: http://geekswithblogs.net/mikehuguet/archive/2009/08/16/134123.aspx
Just use HttpUtilty's UrlEncode method right before you hand off the url;
string encoded = HttpUtility.UrlEncode(url);