0

How can i send special characters in a querystring?

Like:

thankyou.aspx?data=GQH/FUvq9sQbWwrYh5xX7G++VktXU5o17hycAfNSND8gt8YbbUaJbwRw

The ++ gets taken out when i do this:

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
  Dim theData As String = Request.QueryString("data")
  ....

It stores it inside theData like this:

GQH/FUvq9sQbWwrYh5xX7G VktXU5o17hycAfNSND8gt8YbbUaJbwRw

So therefore its invalid. How can i properly send that string over without it changing once its received?

update

Doing this:

Dim en As String = endecryption.EncryptData("=" & "aclub" & "=" & strName & "=" & strEmail)
Response.Redirect("/thankyou.aspx?data=" & HttpUtility.UrlEncode(en), False)

And at the other end:

Dim theData As String = HttpUtility.UrlDecode(Request.QueryString("data"))

It sends it like: GQH%2fFUvq9sQbWwrYh5xX7G%2bVktXU5o17hycAfNSND8gt8YbbUaJbwRw

But it decodes it like: GQH/FUvq9sQbWwrYh5xX7G[2 spaces here]VktXU5o17hycAfNSND8gt8YbbUaJbwRw

StealthRT
  • 10,108
  • 40
  • 183
  • 342
  • take a look at: http://stackoverflow.com/questions/12856140/encrypt-and-decrypt-password/12856263#12856263 – Aristos Oct 16 '12 at 13:48
  • @Aristos: When i do that it comes out as **GQH%2fFUvq9sQbWwrYh5xX7G%2b%2bVktXU5o17hycAfNSND8gt8YbbUaJbwRw** – StealthRT Oct 16 '12 at 13:59
  • What you do ? if you make the full replacement and encode/decode then the string is correct. – Aristos Oct 16 '12 at 14:02

2 Answers2

3

take a look at using Server.UrlEncode() to encode the param before including it in the querystring, and using Server.UrlDecode() to transform it back when you need it.

msdn article

calling Server.UrlEncode() on "GQH/FUvq9sQbWwrYh5xX7G++VktXU5o17hycAfNSND8gt8YbbUaJbwRw" yields:

GQH%2fFUvq9sQbWwrYh5xX7G%2b%2bVktXU5o17hycAfNSND8gt8YbbUaJbwRw

and calling Server.UrlDecode on that result yields:

GQH/FUvq9sQbWwrYh5xX7G++VktXU5o17hycAfNSND8gt8YbbUaJbwRw

You need to make sure that you url encode the query string data before you append it on the url.

Mike Corcoran
  • 14,072
  • 4
  • 37
  • 49
  • Seems to still leave out the **++** even when i add those 2 things. – StealthRT Oct 16 '12 at 13:56
  • then you're doing something wrong. you need to url encode the query string data before you add it to the url and redirect the user to that url. when you get the data out, you just Server.UrlDecode(Request.QueryString("data")) to get the result as plain text. – Mike Corcoran Oct 16 '12 at 14:01
  • I'm doing **Dim theData As String = HttpUtility.UrlDecode(Request.QueryString("data"))** and its not converting for some reason? It just has the spaces where the **++** would be going. – StealthRT Oct 16 '12 at 14:10
  • and are you encoding the querystring that you stick on the url before the user hits the page? – Mike Corcoran Oct 16 '12 at 14:17
  • hmm, did you update the OP with the data exactly as you get it? the encoded string as you posted it only shows one %2b where you say two spaces are showing up, which is... weird. – Mike Corcoran Oct 16 '12 at 14:29
1

You can:

  1. As Mike stated, you can HttpServerUtility.UrlEncode the base64 string above (and conversely decode)
  2. If you're sticking with MS on both ends, you can also look into HttpServerUtility.UrlTokenEncode - see this note if you choose this option

Update

Ugh. It's coming back to me - base64 gotchas: "The constructor for HttpRequest will parse the actual string QueryString and UrlDecode the values for you. Be careful not to DOUBLE DECODE." - Scott Hanselman

My personal suggestion would be to go the UrlToken route if you're going to do base64...

Community
  • 1
  • 1
EdSF
  • 11,753
  • 6
  • 42
  • 83