无法去code基-64的URL [英] Unable to decode Base-64 URLs
问题描述
我有建立一个HTML邮件的应用程序。包括在内容为一间codeD URL可能,例如,含有促销code或产品型号参数。电子邮件是由Windows服务(本质上是一个控制台应用程序)和链接产生,当点击了由一个MVC网站处理。这里是code用于创建电子邮件链接:
I have an application that builds an HTML email. Included in the content is an encoded URL parameter that might, for example, contain a promotional code or product reference. The email is generated by a Windows service (essentially a console application) and the link, when clicked is handled by an MVC web site. Here is the code for creating the email link:
string CreateLink(string domain, string code) {
// code == "xyz123"
string encrypted = DES3Crypto.Encrypt(code); // H3uKbdyzrUo=
string urlParam = encrypted.EncodeBase64(); // SDN1S2JkeXpyVW890
return domain + "/" + urlParam;
}
在MVC控制器上的操作方法构造如下:
The action method on the MVC controller is constructed as follows:
public ActionResult Index(string id) {
string decoded = id.DecodeBase64();
string decrypted = DES3Crypto.Decrypt(decoded);
...
}
在我们所有的测试,这一机制曾担任预期,但是,现在我们已经走了现场,我们看到各地的4%的误差率,其中从基本-64转换失败与以下异常:
In all our testing, this mechanism has worked as expected, however, now we have gone live we are seeing around a 4% error rate where the conversion from base-64 fails with the following exception:
的输入不是有效的Base-64串,因为它含有非基本64字符,两个以上的填充字符,或填充字符之间的非空白字符。的
从URL参数id'看起来'OK。这个问题似乎是与那些未按德codeBase64法恩codeBase64 /德codeBase64方法返回一个乱码字符串,如NL□7yb 8SJ =对失败的链接。
The id parameter from the url 'looks' OK. The problem appears to be with the EncodeBase64/DecodeBase64 methods that are failing as DecodeBase64 method returns a 'garbled' string such as "�nl����□��7y�b�8�sJ���=" on the failed links.
此外,大多数的错误是从IE6用户代理导致我觉得这是一个字符编码的问题,但我不明白为什么。
Furthermore, most of the errors are from IE6 user agents leading me to think this is a character encoding problem but I don't see why.
有关参考,在这里是code为我的基地-64的URL编码:
For reference, here is the code for my base-64 URL encoding:
public static string EncodeBase64(this string source)
{
byte[] bytes = Encoding.UTF8.GetBytes(source);
string encodedString = HttpServerUtility.UrlTokenEncode(bytes);
return encodedString;
}
public static string DecodeBase64(this string encodedString)
{
byte[] bytes = HttpServerUtility.UrlTokenDecode(encodedString);
string decodedString = Encoding.UTF8.GetString(bytes);
return decodedString;
}
任何意见将是多少AP preciated。
Any advice would be much appreciated.
推荐答案
要回顾一下,我是创建使用一个base-64连接这本身就是一个三重DES加密的字符串codeD参数中的URL。所以URL看起来像HTTP:// [DOMAIN_NAME] / SDN1S2JkeXpyVW890的链接引用的一个MVC Web站点控制器动作
To recap, I was creating a URL that used a base-64 encoded parameter which was itself a Triple DES encrypted string. So the URL looked like http://[Domain_Name]/SDN1S2JkeXpyVW890 The link referenced a controller action on an MVC web site.
的URL,然后插入到HTML格式的电子邮件。纵观错误日志中,我们看到了回应链接大众用户的5%左右扔无效基地-64字符串错误。大部分,但不是全部,这些错误都涉及到IE6用户代理。
The URL was then inserted into an HTML formatted email. Looking at the error log, we saw that around 5% of the public users that responded to the link were throwing an "invalid base-64 string error". Most, but not all, of these errors were related to the IE6 user agent.
试图根据各地的字符和URL编码许多可能的解决方案后,人们发现,在客户端的过程中某处的URL被转换为小写 - 这一点,当然,打破了基地-64编码(因为它的用途大写和小写的编码字符)。
After trying many possible solutions based around character and URL encoding, it was discovered that somewhere in the client's process the url was being converted to lower-case - this, of course, broke the base-64 encoding (as it is uses both upper and lower case encoding characters).
无论腐败案件是由客户端浏览器,电子邮件客户端或者本地杀毒软件引起的,我一直无法确定。
Whether the case corruption was caused by the client's browser, email client or perhaps local anti-virus software, I have not been able to determine.
解决方案
不要使用任何标准的基于64位的编码方式,而是使用一个base-32或zBase-32编码代替 - 这两者是不区分大小写
The Solution Do not use any of the standard base-64 encoding methods, instead use a base-32 or zBase-32 encoding instead - both of which are case-insensitive.
详细信息请参见以下链接
See the following links for more details
这个故事的寓意是,BASE-64 URL编码可以在一些公共环境是不可靠的。 BASE-32,而稍微详细,是一个更好的选择。
The moral of the story is, Base-64 URL encoding can be unreliable in some public environments. Base-32, whilst slightly more verbose, is a better choice.
希望这有助于。
这篇关于无法去code基-64的URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
