call request.querystring inside javascript function

Question

how to call Request.QueryString inside javascript function and i am using asp.net and C#

var str=<%=Request.quesryString("val")%>

but it is giving me error

Answer 1

If this javascript code is inline in your webform the correct way is to use a javascript serializer:

<script type="text/javascript">
    var str = <%= new JavaScriptSerializer().Serialize(Request.QueryString["val"]) %>;
    alert(str);
</script>

Never do the following, it's completely unsafe and your site vulnerable to XSS injection attacks:

<script type="text/javascript">
    var str = '<%= Request.QueryString["val"] %>';
    alert(str);
</script>

Answer 2

You can do it with JavaScript directly.

With window.location.search you get full queryString like ?item1=val1&item2=val2

You can get querystring using some like

window.location.search.substr(1)

and use .split('&') or substring function to get value of de 'val' key or another

Answer 3

You can actually write a function in javascript and pass the query string as parameter from the code behind. For example I have this textbox I want to set the value to the query

function searchTerm(text) {
        document.getElementById('txtSearch').value = text;
}

So in my code I use ScriptManager to call the javascript function and pass the query that way

ScriptManager.RegisterStartupScript(Page, typeof(Page), "", "searchTerm('" + Request.QueryString["id"].ToString() + "')", true);

Answer 4

Leveraging the theme of security in requests in ASP NET...

You can also use JavaScriptStringEncode() or the AntiXSS library to prevent XSS in your website.

Answer 5

You are doing it wrong use this code to get the QueryString value because it isn't just giving you a Query String in JavaScript it will convert this into an object so use $.each function to retrieve the value of Query String

 let id = $(<%= Request.QueryString["id"] %>);
                    id.each((index, value) => {
                        console.log(value);
                    })

It will return you a value of your Query String Thanks

Answer 6

use this:

var urlParams = new URLSearchParams(window.location.search);

console.log(urlParams.has('someValue')); // true

console.log(urlParams.get('someValue')); // "value"

it's key sensitive

Answer 7

Short answer: You can't. The code in the <%= %> block is evaluated on the server side, the JavaScript code is evaluated on the client side.

Long answer: You CAN use inline C# code to generate JavaScript code, which sometimes does make sense. But this is not the same thing as calling C# code from a JavaScipt function. Of course you can only do this in .aspx / .cshtml etc. files, not in .js files, because those are only treated as content and not parsed by ASP.NET.

[EDIT] In your situation there is no need to bother anyway, because you can get the query string through JS anyway, see How can I get query string values in JavaScript?

[EDIT2]: Of course the other answer about the JavaScriptSerializer is absoultely correct concerning safety. If you use the Razor view engine, things get a lot easier and safer because it escapes strings by default. But like I said, in the concrete case, there's no need to bother either way.