Double encoded url being fully decoded in ASP.NET

Posted by Brad R on Stack Overflow See other posts from Stack Overflow or by Brad R
Published on 2010-03-23T17:49:44Z Indexed on 2010/03/23 17:53 UTC
Read the original article Hit count: 334

Filed under:
|

I have just come across something that is quite strange and yet I haven't found any mention on the interwebs of others having the same problem.

If I hit my ASP.NET application with a double encoded url then the Request["myQueryParam"] will do a double decode of the query for me. This is not desirable as I have double encoded my query string for a good reason.

Can others confirm I'm not doing something obviously wrong, and why this would happen. A solution to prevent it, without doing some nasty query string parsing, would be great too!

As an example if you hit the url: http://localhost/MyApp?originalUrl=http%3a%2f%2flocalhost%2fAction%2fRedirect%3fUrl%3d%252fsomeUrl%253futm_medium%253dabc%2526utm_source%253dabc%2526utm_campaign%253dabc

(For reference %25 is the % symbol)

Then look at the Request["originalUrl"] (page or controller) the string returned is:

http://localhost/Action/Redirect?Url=/someUrl?utm_medium=abc&utm_source=abc&utm_campaign=abc

I would expect:

http://localhost/Action/Redirect?Url=%2fsomeUrl%3futm_medium%3dabc%26utm_source%3dabc%26utm_campaign%3dabc

I have also checked in Fiddler and the URL is being passed to the server correctly (one possible culprit could have been the browser decoding the URL before sending).

© Stack Overflow or respective owner

Related posts about ASP.NET

Related posts about urlencode