Bad request 400 for HttpUtility.UrlEncoded URL segments - asp.net-mvc

So, if there are url encoded segments in my apps MVC url, IIS throws a BAD REQUEST 400.
e.g.
http://u.lasoo.com.au/Offer/*9289--750W-Generic-ATX12V-Power-Supply-%252449dot99/6355
<--- the '*' and '%' are causing this error.
Notice that http://u.lasoo.com.au/Offer/The-Giant-Good-As-Gone-7-Day-Sale/6354 works fine.
What's the correct way to convert an arbitrary string into an accepted MVC URL segment?
UPDATE: the URl segment should resemble the original string. Base64 encoding completely transformed the string.

Instead of passing the info in the url you can pass it as a get parameter. Like this:
http://u.lasoo.com.au/Offer/?id=*9289--750W-Generic-ATX12V-Power-Supply-%252449dot99/6355

Have you tried UrlEncode? MSDN

Try a string replace to strip out or substitute symbols ":", "%", "*", "/" - any symbols illegal within a folder name. They seem to screw up everything royally and appear to be a design weakness of the URL routing system.

Related

Is there a way to escape all the special characters in a url string parameter?

I need users to be able to pass a file path as a parameter of a get url (the file would not be uploaded and only the local file path is used for some security reasons). Now it's difficult for them to go and change all the backslashes to "%5". I was wondering if there is a way to force encoding of a part of the url. For example something as simple as putting it in double quotes, which doesn't work...
http://example.com/"c:\user\somone\somefile.txt"/dosomething
I ended up using pattern matching of rest routes at the server level. Something like this:
/example.com/*path/dosomething
So it would match any path even with slashes/backslashes. At last I do a decoding of the url to get rid of the escaped characters passed by browser for chars like space.
java.net.URLDecoder.decode(path, "UTF-8")

How send parameters with decimal point in url?

I’m using Backbone.js and Rails.
In Backbone.js I use HTML5 push state to set filter parameters in a url.
When the page is reloading I want to pass these parameters to Rails.
I encoded a parameter lat:34.34+lng:45.23 using JavaScript’s encodeURIComponent. It encoded:
/users/nearby/lat:34.34+lng:45.23/
as:
/users/nearby/lat%3A34.34%2Blng%3A45.23
but this route is not found.
If I delete the points from url, it works.
How can I send parameters with a decimal point?
The . is not a character that has to be encoded. Is this causing issues server side?
See here for more details:
http://www.blooberry.com/indexdot/html/topics/urlencoding.htm
I solved my problems adding an "extra" slash to the end of the url.
In your encoded url it is missing.
Hope this helps
One manifestation of this problem is in URL pattern matching, where the Query Param is expected (i.e. matched) to be an integer. This does not match a number with a decimal point. So you get a 404 (URL not found).

How can I send a GET request containing a colon, to an ASP.NET MVC2 controller?

This works fine:
GET /mvc/Movies/TitleIncludes/Lara%20Croft
When I submit a request that contains a colon, like this:
GET /mvc/Movies/TitleIncludes/Lara%20Croft:%20Tomb
...it generates a 400 error. The error says ASP.NET detected invalid characters in the URL.
If I try url-escaping, the request looks like this:
GET /mvc/Movies/TitleIncludes/Lara%20Croft%3A%20Tomb
...and this also gives me a 400 error.
If I replace the colon with a | :
GET /mvc/Movies/TitleIncludes/Lara%20Croft|%20Tomb
..that was also rejeted as illegal, this time with a 500 error. The message: Illegal characters in path.
URL-escaping that | results in the same error.
I really, really don't want to use a querystring parameter.
related:
Sending URLs/paths to ASP.NET MVC controller actions
I found that URL encoding did not work, but custom encoding did.
I guess ASPNET MVC uses the filesystem to do the parsing and routing, because a character in the URL that is not legal in the filesystem, causes a 500 or 400 error.
So what I did was replace colons with the unicode
¡ character in the javascript side, and then do the converse in the action. like this:
browser:
function myEscape(s){
return s.replace(':', '%C2%A1').trim();
}
in the action, call this conversion before using the argument:
private string MyCustomUnescape(string arg)
{
return arg.Replace("¡", ":");
}
The same approach works for slashes - just pick a different unicode character. Of course if your string arguments themselves are unicode, then you'll have to use non-printable characters for the "encoded" forms.
If SEO is not a problem you may use base64 and then urlencode that. After the first step every character you'll have will be easily encoded. Decoding in .NET is as easy as using the helper in System.Web.HttpUtility and System.Convert.
Similar answered here:
https://stackoverflow.com/a/12037000/134761
Use question mark and ampersands for arguments and URL encode the arguments.
Example: GET /mvc/Movies/TitleIncludes?title=Lara%20Croft%3A%20Tomb
I agree it would be nice to encode things into the url as well, but there is probably a good reason not to.

Can backslash be encoded correctly in URL with URL rewrite?

I am working on an ASP.NET MVC2 project. The problem is when a string which would be rewritten into URL contains a special character such as backslash or question mark, the URL will be wrong, even if I have encoded it before.
For example:
I have a product id "p001\2-2".
I encoded it into "p001%5C2-2"
The URL http://domain.com/Product/p001%5C2-2 responds HTTP Error 400 - Bad Request.
How can I get it correct?
Try to use Html.Encode to resolve your backslash.
If the backslash is the only 'special' character in your id, you could use Replace("%5C","\").
Have you checked your routingMap? there has to be a route like
Product/{prodictID}
I had a similar problem with %2F in my URLs. Try appending the nOrmalize flag to your rewriteRule.
Example with normalize flag "O" in bold:
RewriteRule ^(.*)index\.html?$ http://www.yoursite.com/$1 [R=301,L,**O**]

Properly url encode space character

I use HttpUtility.UrlEncode to encode any value that is used in a route.
I already solved an issue with encoding forward slashes. The new problem I have now is with spaces. A space is encoded as + .
This works on the VS integrated Webserver, but I have an issue with it in IIS7 on Windows Server 2008.
If I have the URL http://localhost/Home/About/asdas+sdasd
I get the error 404.11 - Request contains double escape sequence.
I know I can just replace the space by "%20", but I dont want to care about propper encoding myself. Is there any ready to use UrlEncoder for MVC out there?
' ' encoded to %20 use HttpUtility.UrlPathEncode.
Any URL Encoding is most often designed to work on the path component of the url, the reason because different schemes have different characters in the safe list. Look for your libraries urlencoder and just use it in the path and above portion of the url.
#HttpUtility.UrlPathEncode(path)
UrlPathEncode just encodes the path of the Url, rather than encoding the whole Url.

Resources