We have upgraded our product from Apache HttpClient to OkHttpClient. But after migration, when special characters like %20(+) is passed in URL param or query param, its been sent to client as is, where it was decoded and sent to client with Apache HttpClient.
eg : http://ip:port/testURL?A%20B -> http://ip:port/testURL?A+B ( Apache HttpClient)
http://ip:port/testURL?A%20B -> http://ip:port/testURL?A%20B ( OkHttpClient)
OkHttp attempts to preserve as much as possible on input URLs. If you want to convert parts to a canonical form, use HttpUrl.Builder and set each part independently, possibly using your original parsed HttpUrl as input.
Backbone.js maintains routing information in a URL after the hash mark, e.g.:
http://localhost:3000#page/hardware/table/?action=details&actionTargetId=5&actionTargetName=10.3.177.185&actionTarget=host
Even though the routing information is in the format ?p1=v1&p2=v2&p3=v3, this portion is not technically part of the url query string since it comes after the hash mark.
My question is if I add an actual query string to our app's urls like this:
http://localhost:3000?newparam=newvalue#page/hardware/table/?action=details&actionTargetId=5&actionTargetName=10.3.177.185&actionTarget=host
is there any possibility of the "newparam" url parameter interfering with the backbone portion?
the problem is your not actually creating a legit query string. your mixing your route with your parameters.
your example is formatted as:
domain ? param # route ? other params
as soon as a questionmark appears in a url everything after it is interpreted as a query string. (in this case) even your route.
personally i suggest using the html5 pushstate.
Backbone.history.start({pushState: true})
this will give you clean(er) urls
http://localhost:3000/page/hardware/table/?newparam=newvalue&action=details&actionTargetId=5&actionTargetName=10.3.177.185&actionTarget=host
that will help your routes to not interfere with your parameters.
My URL is
www.domainname.com/default.aspx?l=en&t=32600483-1618-4f09-9a86-c12de4dafc7b
I would love to read the QueryString value of t. So i can parse it as GUID.
Unfortunatelly that & thing, seems to mess things up.
How can i parse the value of the t Query string?
My URL is
I hope you realize that this is not a valid URL. This is a HTML encoded string. Do not confuse with an URL. URLs should be properly URL encoded, not HTML encoded. And since you start with something invalid your only chance is to use some ugly string parsing/regex to extract the necessary information. Since this looks like an HTML encoded string you could HTML decode it first:
var myUrl = "http://www.domainname.com/default.aspx?l=en&t=32600483-1618-4f09-9a86-c12de4dafc7b";
myUrl = HttpUtility.HtmlDecode(myUrl);
var values = HttpUtility.ParseQueryString(myUrl);
var t = values["t"];
But I repeat once again: don't do this: tackle the problem at its root. And the root of your problem is the origin of this URL. So if you have control over the generation of this URL then fix it so that you can have a valid URL that you could easily work with with the built-in methods. If you don't have control over the generation of the URL then notify the author of the code that he has a bug in it and ask him to fix it because he has provided you a non-properly encoded URL and you are obliged to use some ugly string parsing mechanisms to extract the information from it.
I have an MVC3 Action that takes a parameter (a URL) that may have a query string in it. My action signature looks like this:
GetUrl(string url)
I expect to be able to send it urls, and it works every time unless there is a query string in the url. For example, if I navigate to:
MyController/GetUrl/www.google.com
the url parameter comes accross as "www.google.com" -Perfect. However, if I send
MyController/GetUrl/www.google.com/?id=3
the url parameter comes accross as "www.google.com/" How do I get MVC3 to give me the whole URL in that parameter? -Including the query string?
It's simple enough to just URL.Encode the passed in URL on the page but you're opening your self to some possible security problems.
I would suggest you encrypt the url then encode it then pass that as your value, the protects you from having people just passing in anything into your app.
That's because system considers id=3 as its own query string. When you construct the link in the view, you need to use #Url.Encode to convert raw url string to encoded string to be accepted as parameter of the controller.
In some javascript, I have:
var url = "find.aspx?" + "location=" + encodeURIComponent( address );
alert( url );
location.href = url;
where the value of address is the string "Seattle, WA".
In the alert I see
find.aspx?Seattle%2C%20WA
as I expect.
But on the server side, when I look at Request.Url, the relevant substring I see is
find.aspx?Seattle, WA
And in the Firefox url window I see
find.aspx?location=Seattle%2C WA
So I'm getting three different representations whereas I would expect that in all three places I should see what I see in the alert. My expectation is that the url I assign to location.href should show up as-is in the browser url window, and should be passed as-is to the server in Request.Url (and I would need to decode the values on the server before using them). What's happening?
Firefox converts certain encoded characters into their literal forms as a way to be friendly to users. It will also convert spaces typed into the address bar into %20 for the server.
Update: The reason Firefox doesn't display the comma unencoded is because commas are allowed in URLs, but spaces are not, so it knows that a space is going to be unambiguously interpreted, whereas the pre-encoded comma is different from a non-encoded comma to some servers. see: Can I use commas in a URL?
ASP is probably trying to help you out by auto-un-encoding the string for you.
Update: It looks like ASP.NET unencodes Request.Url for you by default, as mentioned here: QueryString malformed after URLDecode They also mention that you can use HttpRequest.Url.Query to access the un-decoded version.
The alert is the only thing not doing any "magic" for you.
For the alert, you are doing the encoding yourself. Perhaps it looks the same as on the server-side if you removed encodeURIComponent.
On the server side, ASP.NET will always show you the unencoded form. This is to make it easier to directly map to files that also have text that needed to be (un)encoded.
Note that you can replace every letter for its UTF8 representation in URL Encoding. It will still be the same URL. I.e., type the following in the browser window and it will still work: %66%59%6E%64.aspx?location=Seattle%2C%20WA. To only encode the necessary chars, use UrlEncode on the server side if you create a link yourself.
URL encoding can become fairly tricky. You ask to explain it. To know the correct escape of a certain character, you need to know how that character looks in UTF8. The hexadecimal value of the UTF-8 bytes then become the %XX%YY value of your letter. Sometimes it's one %XX, but it can be up to six byte sequences in total (some Chinese characters for instance).
URL Encoding works one way only. Never double-encode or double-unencode. This is prohibited by the specification. Also, because you can encode any character, it is not always possible (as you found out) to do roundtrip encoding/unencoding. If you unencode and re-encode again, it is well possible that the resulting string is different, but syntactically the same.
In HTML, URL Encoding is sometimes interspersed with HTML Encoding. I.e., the ampersand is valid in HTML, but not in HTML. find.aspx?city=A&name=B becomes find.aspx?city=A&name=B in and HTML URL. However, browsers are lenient and will accept wrongly HTML-encoded strings.
Finally, a not on the browser: if you type in a space in a link, even inside an <a> tag, it will escape the space (or other character) for you. Likewise, it will nowadays show the odd characters (é, ï etc) in the address bar, but when it sends it over HTTP, the browser will correctly do the encoding for you.
Update: about anwering your question of needing a "definitive" reference or proof.
While I couldn't find any on the internet, I decided to look for it myself using Reflector. Going through the methods that set, for instance, the HttpRequest.QueryString, you quickly encounter the private method HttpRequest.FillInQueryStringCollection which then calls HttpValueCollection.FillfromEncodedBytes. Somewhat near the end of that method, HttpUtility.UrlDecode is called for the values. Conclusion: do not call it yourself, to prevent double decoding.
You can see this for yourself when you download Reflector and disassemble the .NET libs of System.Web.
For your example you can change this line
var url = "find.aspx?" + "location=" + encodeURIComponent( address );
to
var url = "find.aspx?" + "location=" + address;
and see the address as it is. Bu if address variable contains any '&' character your variable will be corrupt. So you are using encodeURIComponent to encode these things url.
On the Server side all these encoded strings are decoded back. It means encodeURIComponent is just for sending the address variable (whether it contains & character or not) to server side correctly.