后URLDe code QUERYSTRING畸形 [英] QueryString malformed after URLDecode
问题描述
我想在一个Base64字符串转换成通过查询字符串一个C#.NET Web应用程序通过。当字符串到达的+(加号)是由一个空间取代。看来,自动URLDe code过程是这样做。我有超过正在通过查询字符串传递什么样的控制。有什么办法来处理这个服务器端?
例如:
<$p$p><$c$c>http://localhost:3399/Base64.aspx?VLTrap=VkxUcmFwIHNldCB0byAiRkRTQT8+PE0iIHBsdXMgb3IgbWludXMgNSBwZXJjZW50Lg==产地:
VkxUcmFwIHNldCB0byAiRkRTQT8 PE0iIHBsdXMgb3IgbWludXMgNSBwZXJjZW50Lg ==
人提议URL编码查询字符串:
System.Web.HttpUtility.UrlEn code(yourString)
我不能这样做,因为我有调用程序没有控制(这是工作的罚款与其他语言)。
还有一个加号替换空间的建议:
的Request.QueryString [VLTrap]替换(,+)。
我虽然这一点,但我对它的关注,我应该提到这个开始,是我不知道是什么的其他的字符可能是除加号格式不正确。
我的主要目标是通过德codeR运行之前拦截查询字符串。的
要为此我试图寻找Request.QueryString.toString(),但这个含有相同的格式不正确的信息。有什么办法来看看之前的原始查询字符串的 的是URLDe codeD?
在进一步的测试看来,预计净一切从QuerString进来的是URL连接codeD但浏览器不会自动连接的URL code GET请求。
您可以手动替换值( argument.Replace('','+'))或咨询的Htt prequest.ServerVariables [QUERY_STRING] (甚至更好的Htt的prequest.Url.Query),并自己解析它。
您应该然而,试图解决其中的URL被授予问题;一个加号需要获得EN codeD作为URL%2B,因为有加,否则再presents的空间。
如果你不控制入站的网址,第一种选择是因为你避免最错误这种方式pferred $ P $。
I'm trying to pass in a Base64 string into a C#.Net web application via the QueryString. When the string arrives the "+" (plus) sign is being replaced by a space. It appears that the automatic URLDecode process is doing this. I have no control over what is being passed via the QueryString. Is there any way to handle this server side?
Example:
http://localhost:3399/Base64.aspx?VLTrap=VkxUcmFwIHNldCB0byAiRkRTQT8+PE0iIHBsdXMgb3IgbWludXMgNSBwZXJjZW50Lg==
Produces:
VkxUcmFwIHNldCB0byAiRkRTQT8 PE0iIHBsdXMgb3IgbWludXMgNSBwZXJjZW50Lg==
People have suggested URLEncoding the querystring:
System.Web.HttpUtility.UrlEncode(yourString)
I can't do that as I have no control over the calling routine (which is working fine with other languages).
There was also the suggestion of replacing spaces with a plus sign:
Request.QueryString["VLTrap"].Replace(" ", "+");
I had though of this but my concern with it, and I should have mentioned this to start, is that I don't know what other characters might be malformed in addition to the plus sign.
My main goal is to intercept the QueryString before it is run through the decoder.
To this end I tried looking at Request.QueryString.toString() but this contained the same malformed information. Is there any way to look at the raw QueryString before it is URLDecoded?
After further testing it appears that .Net expects everything coming in from the QuerString to be URL encoded but the browser does not automatically URL encode GET requests.
You could manually replace the value (argument.Replace(' ', '+')) or consult the HttpRequest.ServerVariables["QUERY_STRING"] (even better the HttpRequest.Url.Query) and parse it yourself.
You should however try to solve the problem where the URL is given; a plus sign needs to get encoded as "%2B" in the URL because a plus otherwise represents a space.
If you don't control the inbound URLs, the first option would be preferred as you avoid the most errors this way.
这篇关于后URLDe code QUERYSTRING畸形的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
