6

I am facing a strange issue, sometimes i am getting the url from the sendgrid as

https://localhost:81/Activation?username=ats8@test.com&activationToken=EAAAAA

which works fine. but sometimes i am getting url which is encoded as follows,

"https://localhost:81/Activation?username=ats8%40test.com&activationToken=EAAAAA"

and my ViewModel is as follows,

  public class Verification
    {
        [DataType(DataType.EmailAddress)]
        public string Username { get; set; }

        [Required]
        [DataType(DataType.Password)]
        public string Password { get; set; }

        [Required]
        [DataType(DataType.Password)]
        [Compare("Password")]
        public string ConfirmPassword { get; set; }

        public string ActivationToken { get; set; }

    }

and the Method goes as follows,

 public ActionResult Activation(string username, string activationToken)
        {
            var model = new Verification
            {
                Username = username,
                ActivationToken = activationToken
            };

            return View(model);
        }

on the 2nd case, the activationToken comes as null. how can i detect activationToken even if the url is encoded?

  • This depends how the URL being generated from Sendgrid. According to RFC 3986, the `@` used as reserved character, hence it may [percent encoded](https://en.wikipedia.org/wiki/Percent-encoding) when used as query string. Please provide additional details about URL generated by Sendgrid instance. – Tetsuya Yamamoto Jan 28 '19 at 03:21
  • what information do you need? we generate the url and send it to the sendgrid as a mail tepmate. when user clicks on the link it is encoded with &amp –  Jan 28 '19 at 04:57
  • this might helip [link](https://stackoverflow.com/questions/575440/url-encoding-using-c-sharp?rq=1) – Jephren Naicker Jan 30 '19 at 04:58
  • Can you try changing querystring parameter order like this; ?activationToken=EAAAAA&username=ats8%40test.com – Ahmet Remzi EKMEKCI Jan 30 '19 at 11:30
  • Tried with ASP.NET MVC 5.2.4 and Chrome 71 and IE 11. Everything works properly. – Reza Aghaei Jan 30 '19 at 17:33
  • are you getting user name properly in second case ? – Manoj Choudhari Jan 30 '19 at 19:43
  • can you please include your view code as well? – Canica Feb 01 '19 at 16:22

1 Answers1

5

I believe it is not the code you pasted in question which is causing issue. The issue may be somewhere else - probably in the view.

I have tested this code with various combination of HTTP versions / Browsers / .Net / .Net core frameworks and it is working fine.

All I can do right now is to give you pointers on where you can look for an error:

First pointer to look in model binding

While working on this sample I realized, that somewhere in your solution probably model binding is not decoding the email "@" character properly.
Note that this is applicable only if you have written any custom logic to bind the values. I see very less probability that this pointer would help you as the input parameters to action are primitive data types.

Second Pointer To look for what you are doing in view

What i suspect is you are getting username and activation token both appropriately in second URL's case. But when you send your email ID with "%40" instead of "@" character, somehow your view is not rendering properly. This is somehow causing your activationToken to be NULL.

You should first put break-point in action method to check both UserName and ActivationToken parameters are nonempty.

If they are non empty then add HttpUtility.UrlDecode where you are assigning username as shown in below code:

var model = new Verification
{
     Username = HttpUtility.UrlDecode(username),
     ActivationToken = activationCode
};

This would remove %40 from mail and replace it with "@" character.

This second pointer mostly should resolve your issue.

Manoj Choudhari
  • 5,277
  • 2
  • 26
  • 37
  • Second way did not solve my issue. the problem is not with the username, its with the ActivationToken and it comes as null. –  Feb 01 '19 at 04:12
  • Did you check whar are the values of input parameters in action ? – Manoj Choudhari Feb 01 '19 at 06:01
  • Which browser is sending second url ? Did you try this through any other browser? – Manoj Choudhari Feb 01 '19 at 06:05
  • it is in chrome, i have tested in all browsers –  Feb 01 '19 at 06:05
  • oh damn! just now noticed in the question 2nd url should be & –  Feb 01 '19 at 06:08
  • it is encoding as & correctly in the question. the actual problem is that not anything with the email –  Feb 01 '19 at 06:08
  • Your code is working in chrome/ edge / internet explorer - if input the query string directly in address bar. Also .net automatically decodes the url querystring. Is this url used from address bar or some other mechanism is being used (eg ajax,etc) – Manoj Choudhari Feb 01 '19 at 06:09
  • Can you add that code which calls this action in question? – Manoj Choudhari Feb 01 '19 at 06:10
  • If you are getting & in querystring you can check the code which generates this encoded query string. If you dont have control on that code then Other option is to use “UrlHelper.Decode(HttpContext.Current.QueryString)”. This would give you query string in first format. Then parse it instead of using it from parameters. – Manoj Choudhari Feb 01 '19 at 06:20
  • 1
    Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/187708/discussion-between-face-turn-and-manoj-choudhari). –  Feb 01 '19 at 06:57
  • Hi Manoj, even though it solved that particular issue, i am getting another issue when i access activationToken from the collection + is replaced as "" –  Feb 07 '19 at 02:32
  • for example activation token is EAAAANQxxwpgKxGMwm/Xo2rSyrEaGaRczyenvOb5DUU+uG662J5dxylCWWggkZYO9XkQ10eQA1s44OSBloycTd6EIFA= but here + is removed and coming as EAAAANQxxwpgKxGMwm/Xo2rSyrEaGaRczyenvOb5DUU uG662J5dxylCWWggkZYO9XkQ10eQA1s44OSBloycTd6EIFA= –  Feb 07 '19 at 02:33
  • NameValueCollection qscoll = HttpUtility.ParseQueryString(querystring); here i can see the correct value –  Feb 07 '19 at 02:43
  • model.ActivationToken = qscoll["amp;activationToken"]; here the + is removed –  Feb 07 '19 at 02:43
  • Apply httpUtility.parsequerystring to first part only as suggested in the answer. HttpUtility.decodeurl( Querystring[0] ) and then access second part without applying decode function. This should resolve issue. – Manoj Choudhari Feb 07 '19 at 05:36