0

I am automating the process of sign in and in the process of doing so, I will get different type of passwords which will include special characters.

My code is as below and I have tried to UrlEncode() the password, which didn't work. Please let me know if you find any issues in my code or which way i can find a work out. My passwords are "aab$#*#%232" and "@#:.;$%^&+-_h1&" : 

string uriString = "http://" + IP + URI ;    
string postData = "";    
TraceLine("The uri string is " + uriString);    
foreach (string key in values.AllKeys)    
{    
    TraceLine(key + "  " + values[key]);    
    postData += key + "=" + values[key] + "&";}}    
    if (postData.Length > 0) {    
    postData = postData.TrimEnd(postData[postData.Length - 1]);
}    
TraceLine("The postData string is " + postData);    
HttpWebRequest req =(HttpWebRequest)System.Net.WebRequest.Create(uriString);    
req.ContentType = "application/x-www-form-urlencoded";    
req.KeepAlive = false;    
req.Method = "POST";    
byte[] bytes = System.Text.Encoding.ASCII.GetBytes(postData);     
req.ContentLength=bytes.Length;    
System.IO.Stream os = req.GetRequestStream();    
os.Write(bytes, 0, bytes.Length);    
os.Close();}
JLRishe
  • 99,490
  • 19
  • 131
  • 169
VaasLolla
  • 51
  • 1
  • 1
  • 5
  • 2
    _"didn't work"_ What does that mean? Did you get an error? – JLRishe Feb 02 '17 at 18:16
  • .NET has built-in functionality for sending urlencoded POST requests. Like this: http://stackoverflow.com/questions/4088625/net-simplest-way-to-send-post-with-data-and-read-response – JLRishe Feb 02 '17 at 18:19
  • expected sign in did not happen and the password in Http request was sent as "aab%24%23*%23%25232" which is expected be "aab$#*#%232" – VaasLolla Feb 02 '17 at 18:19
  • Thankyou JLRishe, for pointing out to the other post. I went through the different types of post request options. but there is no mention of special characters or the way to deal with them. For me normal text as passwords work for sending the post request. The issue is only when we have special characters – VaasLolla Feb 02 '17 at 18:30

1 Answers1

6

You're actually having the correct results. See, the string is escaped to make it compatible for sending over HTTP. You wanted to have: "aab$##%232" but you got: "aab%24%23%23%25232"
%24 = $
%23 = #
%25 = %

In order to have the string you want back you just have to Un-Escape the string using the Uri.UnescapeDataString method.

string str = Uri.UnescapeDataString("aab%24%23*%23%25232");

Still I'd like to discourage you from sending and receiving sensitive data in plain text, even if its escaped. Maybe something from encryption could help?

CubanTurin
  • 177
  • 1
  • 10
  • Thank you for the help , i can post the request, can not parse it on the server end. I should be able to send / encode the string which will go in the current format . – VaasLolla Feb 10 '17 at 04:38
  • Thankyou CubanTurin , Your answer gave me a thought to relook at the type of post request i am using. I used the uploadValues() to get this working. – VaasLolla Feb 13 '17 at 09:35