Double encoded url being fully decoded in ASP.NET
Posted
by Brad R
on Stack Overflow
See other posts from Stack Overflow
or by Brad R
Published on 2010-03-23T17:49:44Z
Indexed on
2010/03/23
17:53 UTC
Read the original article
Hit count: 334
I have just come across something that is quite strange and yet I haven't found any mention on the interwebs of others having the same problem.
If I hit my ASP.NET application with a double encoded url then the Request["myQueryParam"]
will do a double decode of the query for me. This is not desirable as I have double encoded my query string for a good reason.
Can others confirm I'm not doing something obviously wrong, and why this would happen. A solution to prevent it, without doing some nasty query string parsing, would be great too!
As an example if you hit the url: http://localhost/MyApp?originalUrl=http%3a%2f%2flocalhost%2fAction%2fRedirect%3fUrl%3d%252fsomeUrl%253futm_medium%253dabc%2526utm_source%253dabc%2526utm_campaign%253dabc
(For reference %25 is the % symbol)
Then look at the Request["originalUrl"]
(page or controller) the string returned is:
http://localhost/Action/Redirect?Url=/someUrl?utm_medium=abc&utm_source=abc&utm_campaign=abc
I would expect:
I have also checked in Fiddler and the URL is being passed to the server correctly (one possible culprit could have been the browser decoding the URL before sending).
© Stack Overflow or respective owner