127

I have a webapp created using C# and asp.net. I placed a parameter value in the querystring with a plus(+) sign. But the plus sign disappear.

How can I include the plus sign(+) in the query string without disappearing?

Please advise.

Thanks.

Edit: added code with UrlEncode

string str = Server.UrlEncode(Requery.QueryString["new"]);
domlao
  • 15,663
  • 34
  • 95
  • 134
  • actually the value depends from the user input. – domlao Jul 28 '11 at 07:58
  • FYI beware the `UrlBuilder`, it seems a bit useless which is how i stumbled on your question. See http://stackoverflow.com/questions/24576239/why-doesnt-uribuilder-query-escaping-url-encoding-the-query-string – KCD Oct 21 '15 at 22:51
  • *`UriBuilder` not Url – KCD Oct 21 '15 at 23:00

10 Answers10

226

+ sign has a semantic meaning in the query string. It is used to represent a space. Another character that has semantic importance in the query string is & which is used to separate the various var=value pairs in the query string.

Most server side scripts would decode the query parameters before using them, so that a + gets properly converted to a space. Now, if you want a literal + to be present in the query string, you need to specify %2B instead.

+ sign in the query string is URL-decoded to a space. %2B in the query string is URL-decoded to a + sign.

See the difference between

http://www.google.com/search?q=foo+bar

and

http://www.google.com/search?q=foo%2Bbar

In the above examples, Google's server script is URL-decoding the query parameters and then using them to do the search.

URL-encoding is nothing but % sign followed by the hex-code of the special character. For example, we know that the hex code of A is 0x41 (decimal: 65). Try this:

http://www.google.com/search?q=%41

Hope this makes URL-encoding clear.

So, if you want the + sign to be preserved when a JavaScript is fetching a URL with + signs in its query parameters and a server side script would process the query parameters after URL-decoding it, you should URL-encode the query parameters in the URL before using issuing the HTTP get request so that all + signs are converted to %2B's when the request reaches the server side script. Now when the server side script URL-decodes the query string, all %2B's gets converted back to + signs which is what you want.

See Encode URL in JavaScript? to learn how to URL-encode the parameters using JavaScript. Short answer from the discussion there:

var encodedURL = "http://example.com/foo.php?var=" + encodeURIComponent(param);
Community
  • 1
  • 1
Susam Pal
  • 32,765
  • 12
  • 81
  • 103
  • 2
    How can I replace the + sign to %2B in javascript. Because I'm creating my querystring in javascript. – domlao Jul 28 '11 at 07:59
6

You should URLEncode your query string values to make sure any special characters are not lost.

DoctorMick
  • 6,703
  • 28
  • 26
  • 1
    Like this, string str = Server.UrlEncode(Requery.QueryString["new"]); ? THanks – domlao Jul 28 '11 at 07:53
  • Not quite, you need to encode them before putting them in to the query string rather than when you take them back out. How are you setting the values in the query string? – DoctorMick Jul 28 '11 at 07:55
  • in Javascript, like $("#btn").click(function(){ var param="c++"; ... }); – domlao Jul 28 '11 at 07:56
6

Look at HTML URL Encoding Reference

You need to Encode the + sign - It's value should be %2B

Morten Anderson
  • 2,301
  • 15
  • 20
  • `+` sign is allowed in query parameter value, where it shouldn't be encoded, because it already encodes 'space' – ZZ 5 Jan 29 '20 at 12:49
  • But '+' means space in a URL. If you want a **plus** you do need to encode it and Javascript's methods `escape()` and `encodeURI()` fail at this. – Marc Jun 10 '21 at 06:45
1

For the solution, I have applied:

Step 1:Use Server.UrlEncode method for encoding the URL parameter. Response.Redirect("YourURL?parameter=Server.UrlEncode(parameterValue.ToString().Trim()");

step 2: on another side, you get a string with a plus(+) sign. var parameter = Request.QueryString["parameterValue"].ToString().Trim();

This is the result: %2beH8 --> +eH8

10 Rep
  • 2,217
  • 7
  • 19
  • 33
1

I alter my previous statement so no one gets confused!

Create your url using the Server.UrlEncode. e.g.

string myUrl = "http://myurl?param1="  + Server.UrlEncode("my+param+1");
gred
  • 504
  • 4
  • 16
0

Other simple way is, Request.Url.ToString().Substring(Request.Url.ToString().IndexOf("=") + 1) assuming that my URL is, http://localhost/MyApp/Activate.aspx?ActivationCode=cHbtqH9P2dDZkx/mYUgFFo7nrNqSFgqdPisAzzu5/nwlEYDOHI+CQw==

SharK
  • 2,155
  • 1
  • 20
  • 28
0

before send you parameter, you need check if the parameter contains plus sign, if have you need replace to one flag, for example: the parameter is: klasjdlkasd+djid3223 can you replace: klasjdlkasdFLAGdjid3223

and when you go convert, you need replace angain

klasjdlkasd+djid3223

-2

Try this, it works for me:

Request.QueryString["new"].Trim();
Dave Cousineau
  • 12,154
  • 8
  • 64
  • 80
kobalt
  • 1
  • 2
-4

The solution is to ALWAYS include .Replace(" ", "+") when you request querystring

string s = Request.QueryString["id"].Trim().Replace(" ", "+");

source: http://www.webmasterworld.com/forum47/3238.htm

Dilhan Jayathilake
  • 1,860
  • 2
  • 17
  • 15
-4

Add this line in Decrypt Funcation:

strText = strText.Replace(" ", "+");
Vijay Mungara
  • 83
  • 1
  • 5
  • 2
    What about the other reserved characters? This solution will only fix the +, and not the ? and & etc – John Mc Jan 18 '17 at 15:39