is it possible to have a url that has a param with an & embedded in the value (eg &FirmName=Test&Firm) and not have the browser treat that & in the value as the beginning of another param???
Yes, just encode the "&" using URL encoding ("%26")
Most web programming frameworks have functions that take a string and URL-encode it
You need to urlencode it - & is %26:
&FirmName=Test%26Firm
Related
This question already has answers here:
iOS: Issue with ampersand in the URL string
(6 answers)
Closed 9 years ago.
In my app I am passing a string to service which sets some data to remote database. Everything works perfect as far as I don't have "&" in my string.
I am using this to pass the parameters:
NSString *urlString = [[NSString
stringWithFormat:#"http://someservice.com/some/some_setstatus.php?status=active&name=%#",
merchant] stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
My guess is when it's checking the name with the name saved in the database, it's not able to find one because of '&'.
You are unable to pass "&", as it will be treated as a delimiter for URL parameters. "&" is a reserved character and you can consider encoding "&" as a combination of allowed characters. Take a look at RFC 3986 and the answer to this question.
You need to escape the & character for url (more info: http://www.ietf.org/rfc/rfc3986.txt)
Have a look at https://github.com/tagyro/GTM/blob/master/Foundation/GTMNSString%2BURLArguments.h
This is a clone of Google Toolbox for Mac from their SVN.
I believe you need to urlEncode to the string which will properly encode any special characters. See http://www.w3schools.com/tags/ref_urlencode.asp for more information.
Regards,
Steve
I have a querystring parameter that is an encoded string that gets converted to Base64. That parameter is then embedded in a link within an email. When I click the link in the email, the querystring parameter has had all the + characters within it replaced by space characters. There are no other differences. Is there a method I can call to sanitise the string and effectively replace the spaces with pluses again. I'm currently doing a string replace which is a bit fat hack. Something is causing the replacement but I'm not sure what. Has anyone come across anything like this before?
Example - querystring parameter value within URL of the browser:
yo3rZZbZyG4UCN+L3pcTYJXmWEggnkW1qcyJk2uBrVTtGUSKIlBcJ8e9TSx8BHjHJv0JhI8H6LbIqUl+3lA7qn+lOgpSi3rCGN4bm5moOWcCA449C1Z3zj7J1FkOXH2HMox4VUZ7x7fF65MRwuBBmw==
Value of string within controller action:
yo3rZZbZyG4UCN L3pcTYJXmWEggnkW1qcyJk2uBrVTtGUSKIlBcJ8e9TSx8BHjHJv0JhI8H6LbIqUl 3lA7qn lOgpSi3rCGN4bm5moOWcCA449C1Z3zj7J1FkOXH2HMox4VUZ7x7fF65MRwuBBmw==
You should URL encode the base64 string to the link, so it is:
yo3rZZbZyG4UCN%2BL3pcTYJXmWEggnkW1qcyJk2uBrVTtGUSKIlBcJ8e9TSx8BHjHJv0JhI8H6LbIqUl%2B3lA7qn%2BlOgpSi3rCGN4bm5moOWcCA449C1Z3zj7J1FkOXH2HMox4VUZ7x7fF65MRwuBBmw%3D%3D
HttpUtility.UrlEncode(base64str) in .NET, or encodeURIComponent(base64str) in javascript
you can use System.Web.HttpServerUtility.UrlTokenEncode (from http://brockallen.com/2014/10/17/base64url-encoding/#comments)
It is doing this because the + sign is interpreted as a marker to say that another parameter follows. This is why it is getting mangled. You should URL encode your string before you pass it to the server.
I have set up my coldfusion application to have dynamic urls on the page, such as
www.musicExplained/index.cfm/artist/:VariableName
However my variable names will sometimes contain slashes, such as
www.musicExplained/index.cfm/artist/GZA/Genius
This is causing a problem, because my application presumes that the slash in the variable name represents a different section of the website, the artists albums. So the URL will fail.
I am wondering if there is anyway to prevent this from happening? Do I need to use a function that replaces slashes in the variable names with another character?
You need to escape the slashes as %2F.
You could easily replace the forward slashes / with something like an underscore _ such as Wikipedia uses for spaces. Replacing special characters with underscores, etc., is common practice.
You need to escape those but don't just replace it by %2F manually. You can use URLEncoder for this.
Eg URLEncoder.encode(url, "UTF-8")
Then you can say
yourUrl = "www.musicExplained/index.cfm/artist/" + URLEncoder.encode(VariableName, "UTF-8")
Check out this w3schools page about "HTML URL Encoding Reference":
https://www.w3schools.com/tags/ref_urlencode.asp
for / you would escape with %2F
Can we use "&" in a url ? or should "and" be used?
Yes, you can use it plain in your URL path like this:
http://example.com/Alice&Bob
Only if you want to use it in the query you need to encode it with %26:
http://example.com/?arg=Alice%26Bob
Otherwise it would be interpreted as argument separator when interpreted as application/x-www-form-urlencoded.
See RFC 3986 for more details.
An URL is generally in the form
scheme://host/some/path/to/file?query1=value&query2=value
So it is not advisable to use it in an URL unless you want to use it for parameters. Otherwise you should percent escape it using %26, e.g.
http://www.example.com/hello%26world
This results in the path being submitted as hello&world. There are other characters which must be escaped when used out of context in an URL. See here for a list.
Unless you're appending variables to the query string, encode it.
encode '&' with & (this answer is based on your use of tags)
If you are asking what to use "&" or "and" when registering the name of your URL, I would use "and".
EDIT: As mentioned in comments "& is an HTML character entity and not a URI character entity. By putting that into a URI you still have the ampersand character and additional extraneous characters." I started answering before fully understanding your question.
I use HttpUtility.UrlEncode to encode any value that is used in a route.
I already solved an issue with encoding forward slashes. The new problem I have now is with spaces. A space is encoded as + .
This works on the VS integrated Webserver, but I have an issue with it in IIS7 on Windows Server 2008.
If I have the URL http://localhost/Home/About/asdas+sdasd
I get the error 404.11 - Request contains double escape sequence.
I know I can just replace the space by "%20", but I dont want to care about propper encoding myself. Is there any ready to use UrlEncoder for MVC out there?
' ' encoded to %20 use HttpUtility.UrlPathEncode.
Any URL Encoding is most often designed to work on the path component of the url, the reason because different schemes have different characters in the safe list. Look for your libraries urlencoder and just use it in the path and above portion of the url.
#HttpUtility.UrlPathEncode(path)
UrlPathEncode just encodes the path of the Url, rather than encoding the whole Url.