All geek questions in one place

Server.UrlEncode (string s) ... not

Server.UrlEncode ("My .doc file") returns "My + File.doc", while the javascript escape code ("My .doc file") returns "My% 20File.doc". As I understand it, javascript is a direct URL encoding a string, while the .net method is not. Of course, it looks like this works in practice. Http: //somesite/My+File.doc will not retrieve "My File.doc", in any case I could check the use of firefox / i.e. and IIS, whereas http: //somesite/My%20File.doc works fine. Am I missing something, or is Server.UrlEncode just not working properly?

+4
source share
4 answers

Use Javascripts encodeURIComponent () / decodeURIComponent () to encode back and forth using .Net URLEncode / URLDecode.

EDIT

As far as I know, historically "+" has been used in URL encoding as a special char space substitution (ASCII 20). If the implementation does not consider space as a special character with the substitution "+", then it will still have to avoid it using its ASCII code (therefore, "% 20").

There is a really good discussion of the situation at http://bytes.com/topic/php/answers/5624-urlencode-vs-rawurlencode . Incidentally, this is unconvincing. RFC 2396 compresses space with other characters without an unconditional representation that borders the crowd of "% 20".

RFC 1630 parties with a crowd of "+" (via forum) ...

In the query string, a plus sign is reserved as an abbreviation for space. Therefore, real plus signs must be encoded. This method was used to simplify the transfer of URI requests from systems that did not allow spaces.

In addition, the core RFC ...

RFC 1630 - Universal Resource Identifiers on the WWW

RFC 1738 - Uniform Resource Locators (URLs)

RFC 2396 - Unified Resource Identifiers (URIs): General Syntax

+7
source

As I understand it, javascript is a direct URL encoding a string, while the .net method is not

In fact, they are both wrong!

JavaScript escape() should never be used. Besides the fact that the + code cannot be encoded to %2B , it encodes all non-ASCII characters as a non-standard %uNNNN .

Meanwhile, Server.UrlEncode not exactly the URL encoding as such, but the application/x-www-form-urlencoded encoding, which should normally be used only for query parameters. Using + to represent space outside the form name=value , for example, in part of a path, is incorrect.

This is pretty unfortunate. You can try replacing the character string + %20 after encoding with UrlEncode() when you encode part of the path, not a parameter. In the parameter + and %20 equally good.

+4
source

A + instead of a space - the correct URL encoding, as if escaped from it to% 20. See this article (Perl-encoded CGI programming - URL).

+ not something that JavaScript can parse, so javascript will exit space or + in %20 .

+3
source

Using System.Uri.EscapeDataString() serverside and decodeURIComponent clientside works.

+2
source

Source: https://habr.com/ru/post/1305106/

More articles:


All Articles