I have this in my querystring - sug_zehut=ז
(ז is a Hebrew letter)
Although I'm well aware that this is bad practice, I have to receive it like so in my query string (not my code..)
When I write it to a hidden I get sug_zehut=%EF%BF%BD as a part of the querystring, and when I try to put it in a string and put that in a hidden, I get � (I found here that those two are the same).
Anyhow, the question is - How do I get the value ז to my variable?
(I'm using .net version 4)
Thanks.
%EF%BF%BD is the code of � sumbol. That's mean your server don't know this character because of you sent symbol in one encoding and try get it as UTF-8.
Try to set up utf-8 encoding in every place (at least for testing of the problem):
In web.config
http://msdn.microsoft.com/en-us/library/ydkak5b9(v=vs.71).aspx
In the page
<meta charset="utf-8"> vs <meta http-equiv="Content-Type">
Change real file encoding if you directly set up your symbol (.cs,
.cshtml, .aspx, .js, ...)
If it's not working that please tell me how do you get this url and navigate on it?
Here's a small function to convert your character to an HTML encoded version (ז in this case). HtmlEncode won't do it for you in most versions of .net, unfortunately.
private static string UnicodeConvertChar(char input)
{
if (input > 159)
{
return "&#" + ((int)input).ToString() + ";";
}
else
{
return input.ToString();
}
}
You can convert it before setting it in your hidden field, and then when you get it back, you can simply read it by using HttpUtility.HtmlDecode.
Here's a dotnetfiddle for you to play around with it:
https://dotnetfiddle.net/jbDY0V
Related
while (reader.Read())
{
sb.Append("<img src=news.gif> </img><a href="+"Doc/"+rdr[1].ToString()+" target=_blank onclick=counterfunction("+rdr[2]+")>"+rdr[0].ToString()+"</a>");
sb.Append("<br/>");
}
/* for example
i want to save image name abhi shek.jpg but these hyperlink only get abhi after space not
get anything pls solve these problem */
That's because you're writing href=foo bar.jpg instead of href='foo bar.jpg'
Just include the ' marks.
URLs have to be properly percent-encoded to conform to RFC3986. Space is not a valid character in the URL path, so it must be encoded.
What that boils down to for you is that you must use HttpServerUtility.UrlEncode every time you write an URL in your response.
I've .NET webservice, which takes a encoded html-string as a parameter, decodes the string and creates a PDF from the html. I want to make a synchronous server side call to the webservice from a classic asp webpage. It works fine if use a plain text string (with no html tags), but when I send a encoded html string the webservice it seems that the string is empty when it reaches the webservice.
The webservice is working fine when I call it from client side, with both plain text string and an encoded html string.
My code looks like this:
Private Sub SaveBookHtmlToPdf(pHtml, pShopId)
Set oXMLHTTP = CreateObject("Msxml2.ServerXMLHTTP.6.0")
Dim strEnvelope
strEnvelope = "pShopId=" & pShopId & "&pEncodedHtml=" & Server.HTMLEncode(pHtml)
Call oXMLHTTP.Open("POST", "https://mydomain.dk:4430/PdfWebservice.asmx/SaveBookToPdf", false)
Call oXMLHTTP.SetRequestHeader("Content-Type","application/x-www-form-urlencoded")
Call oXMLHTTP.Send(strEnvelope)
Set oXMLHTTP = Nothing
End Sub
It smells like some kind of security issue on the server. It's working when posting a asynchronous call from the client side, but not when it comes from server side - it seems that the encoded html string is somehow not allowed in a server side call to the webservice.
Anyone who know how to solve this tricky problem?
This looks all wrong to me:
Server.HTMLEncode(pHtml)
Its quite common for developers to get confused between HTML encoding and URL encoding even though they are quite different. You are posting data that needs to be URL encoded. Hence your code should use URLEncode instead:
strEnvelope = "pShopId=" & pShopId & "&pEncodedHtml=" & Server.URLEncode(pHtml)
Edit:
One thing that URLEncode does that may not be compatible with a URLEncoded post is it converts space to "+" instead of "%20". Hence a more robust approach might be:
strEnvelope = "pShopId=" & pShopId & "&pEncodedHtml=" & Replace(Server.URLEncode(pHtml), "+", "%20")
Another issue to watch out for is that the current value of Response.CodePage will influence how the URLEncode encodes non-ASCII characters. Typically .NET does things by default in UTF-8. Hence you will also want to make sure that your Response.CodePage is set to 65001.
Response.CodePage = 65001
strEnvelope = "pShopId=" & pShopId & "&pEncodedHtml=" & Replace(Server.URLEncode(pHtml), "+", "%20")
This may or may not help but I use a handy SOAP Class for Classic ASP which solved a few problems I was having doing it manually. Your code would be something like this:
Set cSOAP = new SOAP
cSOAP.SOAP_StartRequest "https://mydomain.dk:4430/PdfWebservice.asmx", "", "SaveBookToPdf"
cSOAP.SOAP_AddParameter "pShopId", pShopId
cSOAP.SOAP_AddParameter "pEncodedHtml", Server.HTMLEncode(pHtml)
cSOAP.SOAP_SendRequest
' result = cSOAP.SOAP_GetResult("result")
You will probably need to set your namespace for it to work ("" currently), and uncomment the 'on error resume next' lines from the class to show errors.
AnthonyWJones made the point about URL encoding and HTML encoding, and the original problem being experienced is likely a combine of the two, a race condition if you will. While is was considered answered, it partially wasn't, and hopefully this answers the cause of the effect.
So, as the message get HTMLEncoded, the html entities for the tags become such '<' = '<'.
And as you may know, in URLEncoding, &'s delimit parameters; thus the first part of this data strEnvelope = "pShopId=" & pShopId & "&pEncodedHtml=" & Server.HTMLEncode(pHtml) upto the "&pEncodedHtml" bit, is fine. But then "<HTML>..." is added as the message, with unencoded &'s...and the receiving server likely is delimiting on them and basically truncating "&pEncodedHtml=" as a null assign: "&pEncodedHtml=<HTML>... ." The delimiting would be done on all &'s found in the URL.
So, as far as the server is concerned, the data for parameter &pEncodedHtml was null, and following it were now several other parameters that were considered cruft, that it likely ignored, which just happened to actually be your message.
Hope this provides additional info on issues of its like, and how to correct.
I am seeing a special character in the ASP .NET page I am rendering.
This page reads that content as XML Response from a REST service.
If I load the XML in browser, it displays "-" fine. (It's longer than the usual dash :))
But when print on the ASPX page repeater using EVAL, it displays a special character.
The page has a meta tag.
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
Though, the browser detects the page encoding as UTF-8.
I am looking for a solution so that I can get rid of special character.
The char is probably ASCII code 150 or 151. Some programs (notably MS-Word) use these for dash and long dash. The problem is that charset ISO-8859-1 does not map characters between 128 -159 to any value, so you cannot be sure how the browser will display the character.
The following function (just typed in, not checked) will convert your source string from 8859-1 to UTF-8
function string MakeUTF8String(string SourceStr)
{
byte[] b = Encoding.GetEncoding("iso-8859-1").GetBytes(SourceStr)
return System.Text.Encoding.UTF8.GetString(b);
}
I am sending an arabic value in a querystring, when retrieving it on the server, the value is erroneous and is replaced by quotation marks (????).
for example:
http://server/mypage.aspx?qs=مرحبا
the value of Request.QueryString("qs") is ?????
Note that Response.Write('مرحبا') executes correctly.
Any idea about this querystring problem?
Thanks.
Just URL Encode the arabic string and it should work fine.
Edit: You must URL Encode the string before putting it in the querystring.
For instance, if you were to url encode the space character, it will appear as %20 in your querystring, like this:
http://foo.com/dosomething?param1=hello%20world
Then when you read param1 you URL Decode it, and you get the string "hello world"
You could also URL Encode every single character but for regular characters it's pointless.
I sent an Arabic text in my query string
and when I resieved this string it was Encoded
after Server.UrlDecode
departmentName = Server.UrlDecode(departmentName);
it back again to arabic
so just use Server.UrlDecode(encodedString);
Hope this help you
I had a similar problem and solved it by putting the following line in my web.config file:
<globalization fileEncoding="windows-1256"
requestEncoding="windows-1256" responseEncoding="windows-1256"/>"
And this in the head section of my HTML page:
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
The Non english characters can't be passed without being encoded ,
so you need to encode the value before you redirect to the target page as follows:
string text="مرحبا";
text=Server.UrlEncode(text);
string url="http://server/mypage.aspx?qs="+text;
Response.Redirect(url);
In some javascript, I have:
var url = "find.aspx?" + "location=" + encodeURIComponent( address );
alert( url );
location.href = url;
where the value of address is the string "Seattle, WA".
In the alert I see
find.aspx?Seattle%2C%20WA
as I expect.
But on the server side, when I look at Request.Url, the relevant substring I see is
find.aspx?Seattle, WA
And in the Firefox url window I see
find.aspx?location=Seattle%2C WA
So I'm getting three different representations whereas I would expect that in all three places I should see what I see in the alert. My expectation is that the url I assign to location.href should show up as-is in the browser url window, and should be passed as-is to the server in Request.Url (and I would need to decode the values on the server before using them). What's happening?
Firefox converts certain encoded characters into their literal forms as a way to be friendly to users. It will also convert spaces typed into the address bar into %20 for the server.
Update: The reason Firefox doesn't display the comma unencoded is because commas are allowed in URLs, but spaces are not, so it knows that a space is going to be unambiguously interpreted, whereas the pre-encoded comma is different from a non-encoded comma to some servers. see: Can I use commas in a URL?
ASP is probably trying to help you out by auto-un-encoding the string for you.
Update: It looks like ASP.NET unencodes Request.Url for you by default, as mentioned here: QueryString malformed after URLDecode They also mention that you can use HttpRequest.Url.Query to access the un-decoded version.
The alert is the only thing not doing any "magic" for you.
For the alert, you are doing the encoding yourself. Perhaps it looks the same as on the server-side if you removed encodeURIComponent.
On the server side, ASP.NET will always show you the unencoded form. This is to make it easier to directly map to files that also have text that needed to be (un)encoded.
Note that you can replace every letter for its UTF8 representation in URL Encoding. It will still be the same URL. I.e., type the following in the browser window and it will still work: %66%59%6E%64.aspx?location=Seattle%2C%20WA. To only encode the necessary chars, use UrlEncode on the server side if you create a link yourself.
URL encoding can become fairly tricky. You ask to explain it. To know the correct escape of a certain character, you need to know how that character looks in UTF8. The hexadecimal value of the UTF-8 bytes then become the %XX%YY value of your letter. Sometimes it's one %XX, but it can be up to six byte sequences in total (some Chinese characters for instance).
URL Encoding works one way only. Never double-encode or double-unencode. This is prohibited by the specification. Also, because you can encode any character, it is not always possible (as you found out) to do roundtrip encoding/unencoding. If you unencode and re-encode again, it is well possible that the resulting string is different, but syntactically the same.
In HTML, URL Encoding is sometimes interspersed with HTML Encoding. I.e., the ampersand is valid in HTML, but not in HTML. find.aspx?city=A&name=B becomes find.aspx?city=A&name=B in and HTML URL. However, browsers are lenient and will accept wrongly HTML-encoded strings.
Finally, a not on the browser: if you type in a space in a link, even inside an <a> tag, it will escape the space (or other character) for you. Likewise, it will nowadays show the odd characters (é, ï etc) in the address bar, but when it sends it over HTTP, the browser will correctly do the encoding for you.
Update: about anwering your question of needing a "definitive" reference or proof.
While I couldn't find any on the internet, I decided to look for it myself using Reflector. Going through the methods that set, for instance, the HttpRequest.QueryString, you quickly encounter the private method HttpRequest.FillInQueryStringCollection which then calls HttpValueCollection.FillfromEncodedBytes. Somewhat near the end of that method, HttpUtility.UrlDecode is called for the values. Conclusion: do not call it yourself, to prevent double decoding.
You can see this for yourself when you download Reflector and disassemble the .NET libs of System.Web.
For your example you can change this line
var url = "find.aspx?" + "location=" + encodeURIComponent( address );
to
var url = "find.aspx?" + "location=" + address;
and see the address as it is. Bu if address variable contains any '&' character your variable will be corrupt. So you are using encodeURIComponent to encode these things url.
On the Server side all these encoded strings are decoded back. It means encodeURIComponent is just for sending the address variable (whether it contains & character or not) to server side correctly.