Character + is converted to %2B in HTTP Post - http

I'm adding functionality to a GM script we use here at work, but when trying to post (cross site may I add) to another page, my posting value of CMD is different than what it is on the page.
It's supposed to be Access+My+Account+Info but the value that is posted becomes Access%2BMy%2BAccount%2BInfo.
So I guess my question is: What's escaping my value and how do I make it not escape? And if there's no way to unescape it, does anyone have any ideas of a workaround?
Thanks!

%2B is the code for a +. You (or whatever framework you're using) should already be decoding the POST data server-side...

Just a quick remark: If you want to decode a path segment, you can use UriUtils (spring framework):
#Test
public void decodeUriPathSegment() {
String pathSegment = "some_text%2B"; // encoded path segment
String decodedText = UriUtils.decode(pathSegment, "UTF-8");
System.out.println(decodedText);
assertEquals("some_text+", decodedText);
}
Uri path segments are different from HTML escape chars (see list). Here is an example:
#Test
public void decodeHTMLEscape() {
String someString = "some_text+";
String stringJsoup = org.jsoup.parser.Parser.unescapeEntities(someString, false);
String stringApacheCommons = StringEscapeUtils.unescapeHtml4(someString);
String stringSpring = htmlUnescape(someString);
assertEquals("some_text+", stringJsoup);
assertEquals("some_text+", stringApacheCommons);
assertEquals("some_text+", stringSpring);
}

/data/v50.0/query?q=SELECT Id from Case
This worked for me. Give space instead of '+'

Related

How to replace url if it is not anchored yet?

I need to replace all urls in the text IF they are not put into '...' HTML tags yet.
The unconditional way to replace is described here: Recognize URL in plain text.
Here is my implementation of it:
private static readonly Regex UrlMatcherRegex = new Regex(#"\b(?:(?:https?|ftp|file)://|www\.|ftp\.)(?:\([-A-Z0-9+&##/%=~_|$?!:,.]*\)|[-A-Z0-9+&##/%=~_|$?!:,.])*(?:\([-A-Z0-9+&##/%=~_|$?!:,.]*\)|[A-Z0-9+&##/%=~_|$])", RegexOptions.Compiled | RegexOptions.IgnoreCase);
public static string GetProcessedMessage(this INews news)
{
string res = UrlMatcherRegex.Replace(news.Mess, ReplaceHrefByAnchor);
return res;
}
private static string ReplaceHrefByAnchor(Match match)
{
string href = match.Groups[0].Value;
return string.Format("{0}", href);
}
But how can I ignore those URLs which are already formatted properly?
Please advise.
P.S. I'm using ASP.NET 4.5
P.P.S. I could imagine that one of the solutions could be enhance regex to check for "
From my point of view there are 2 solutions:
Use special libraries to parse your HTML document (if it's proper HTML document). For example, you can use XDocument.Parse. After parsing the document you can easily find out if the element is normal HTML "a" tag or it's just a plain text.
You can suggest that if the link is already formatted properly - it will have "href" prefix before the URL. So, in your regex you can search for all links not having "href=" before them. This could be done either via C# or via regex negative look-around functionality. You can see an example here: Regular expression to match string not containing a word?

How to make url case sensitive asp.net application hosted on IIS 8

I have issue here regarding URL Case Sensitivity. i.e. we show results for http://www.starmicronics.com/Printer/Home.aspx (the actual page that exists) as well as for http://www.starmicronics.com/printer/home.aspx (a second page and folder listed with lower case names that actually doesn’t exist).
I want to Convert second url to fist url automatically. How to do that. Any suggestion is highly appreciated.
Thanks
Dwarika
I am not sure what language you are using. But if you are doing this on the server side in C# you could use a regex:
static void Main( string[] args )
{
//Your test string
string test = #"http://www.starmicronics.com/printer/home.aspx";
var result = Regex.Replace( test, "(?<=[^/]/)[^/]", delegate( Match match )
{
string v = match.ToString();
return char.ToUpper(v[0]) + v.Substring(1);
});
Console.WriteLine(result); //http:www.starmicronics.com/Printer/Home.aspx
}
Explanation of Regex (?<=[^/]/)[^/]
A character that is not a / preceded by a / that itself is not preceeded by a /
[^/] not a /
?<= a positive look behind
This is a simple approach that would satisfy your example.
Please try ISAPI_Rewrite 3, it may help you. you need to write rule for it.
http://www.helicontech.com/isapi_rewrite/

asp .net query string encoding and decoding

I type the following url into my web browser and press enter.
http://localhost/website.aspx?paymentID=6++7d6CZRKY%3D&language=English
Now in my code when I do HttpContext.Current.Request.QueryString["paymentID"],
I get 6 7d6CZRKY=
but when I do HttpContext.Current.Request.QueryString.ToString() I see the following:
paymentID=6++7d6CZRKY%3D&language=English
The thing I want to extract the actual payment id that the user typed in the web browser URL. I am not worried as to whether the url is encoded or not. Because I know there is a weird thing going on here %3D and + sign at the same time ! But I do need the actual + sign. Somehow it gets decoded to space when I do HttpContext.Current.Request.QueryString["paymentID"].
I just want to extract the actual payment ID that the user typed. What's the best way to do it?
Thank you.
You'll need to encode the URL first, using URLEncode(). + in URL equals a space so needs to be encoded to %2b.
string paymentId = Server.UrlEncode("6++7d6CZRKY=");
// paymentId = 6%2b%2b7d6CZRKY%3d
And now
string result = Request.QueryString["paymentId"].ToString();
//result = 6++7d6CZRKY=
However
string paymentId = Server.UrlEncode("6 7d6CZRKY=");
//paymentId looks like you want it, but the + is a space -- 6++7d6CZRKY%3d
string result = Request.QueryString["paymentId"].ToString();
//result = 6 7d6CZRKY=
There is some info on this here: Plus sign in query string.
But I suppose you could also use a regular expression to get your parameter out of the query string. Something like this:
string queryString = HttpContext.Current.Request.QueryString.ToString();
string paramPaymentID = Regex.Match(queryString, "paymentID=([^&]+)").Groups[1].Value;
I sent an Arabic text in my query string
and when I resieved this string it was Encoded
after Server.UrlDecode
departmentName = Server.UrlDecode(departmentName);
it back again to arabic
I hope this help you

Asp.net: path encoding

I have an image gallery that I created by reading the contents inside a directory. Now right away I noticed a problem when there was a "+" in the filename. Like "glas + door.jpg" would break. So I thought it was an encoding problem and since it was only the "+" sign I thought that replacing the "+" with "%2b" would solve the problem. Locally the problem was fixed but when I uploaded it to my host I noticed replacing the "+" sign with "%2b" didn't work help anymore.
So this is where I started looking at the encoding possibilities of ASP.NET. I found Server.UrlEncode and Server.UrlPathEncode. This gave me some mixed results like images that worked before wouldn't work anymore.
So what's the correct way of encoding a path and why did the replace "trick" work on my PC but not in my hosting environment?
public List<fileInfo> RenderImages()
{
List<fileInfo> RenderImages = new List<fileInfo>();
var Images = GetImages();
if (Images != null)
{
foreach (var Image in Images)
{
string FullPath = Path + FolderName + "/" + Image.Name.Replace("+", "%2b");
string ImageName = Image.Name.Replace(Image.Extension, string.Empty);
RenderImages.Add(new fileInfo { path = FullPath, name = ImageName });
}
}
return RenderImages;
}
public class fileInfo
{
public string path { get; set; }
public string name { get; set; }
}
The GetImages() function gets jpg, gif and png FileInfos from a certain directory. If needed, I can post that part of code also.
If it helps, here you can see how the images break. This is with Replace("+", "%2b").
Thanks in advance.
The problem is that space can be escaped as + in URL:s and there is no way for a server to tell if you really mean + or space. Even when encoded as %2b it might be a double encoded space, so it will still turn out as a space when decoded.
To fix this, you can manually replace "+" with "%252b" instead, which will correctly decode as +.
It's not a real fix to my problem but I just replaced all the "+" signs with "plus". In the captation of the images I replaced it back with "+". It's just a work around because I wasn't able to solve my problem.

How to validate email address inputs?

I have an ASP.NET web form where I can can enter an email address.
I need to validate that field with acceptable email addresses ONLY in the below pattern:
xxx#home.co.uk
xxx#home.com
xxx#homegroup.com
A regular expression to validate this would be:
^[A-Z0-9._%+-]+((#home\.co\.uk)|(#home\.com)|(#homegroup\.com))$
C# sample:
string emailAddress = "jim#home.com";
string pattern = #"^[A-Z0-9._%+-]+((#home\.co\.uk)|(#home\.com)|(#homegroup\.com))$";
if (Regex.IsMatch(emailAddress, pattern, RegexOptions.IgnoreCase))
{
// email address is valid
}
VB sample:
Dim emailAddress As String = "jim#home.com"
Dim pattern As String = "^[A-Z0-9._%+-]+((#home\.co\.uk)|(#home\.com)|(#homegroup\.com))$";
If Regex.IsMatch(emailAddress, pattern, RegexOptions.IgnoreCase) Then
' email address is valid
End If
Here's how I would do the validation using System.Net.Mail.MailAddress:
bool valid = true;
try
{
MailAddress address = new MailAddress(email);
}
catch(FormatException)
{
valid = false;
}
if(!(email.EndsWith("#home.co.uk") ||
email.EndsWith("#home.com") ||
email.EndsWith("#homegroup.com")))
{
valid = false;
}
return valid;
MailAddress first validates that it is a valid email address. Then the rest validates that it ends with the destinations you require. To me, this is simpler for everyone to understand than some clumsy-looking regex. It may not be as performant as a regex would be, but it doesn't sound like you're validating a bunch of them in a loop ... just one at a time on a web page
Depending on what version of ASP.NET your are using you can use one of the Form Validation controls in your toolbox under 'Validation.' This is probably preferable to setting up your own logic after a postback. There are several types that you can drag to your form and associate with controls, and you can customize the error messages and positioning as well.
There are several types that can make it a required field or make sure its within a certain range, but you probably want the Regular Expression validator. You can use one of the expressions already shown or I think Visual Studio might supply a sample email address one.
You could use a regular expression.
See e.g. here:
http://tim.oreilly.com/pub/a/oreilly/windows/news/csharp_0101.html
Here is the official regex from RFC 2822, which will match any proper email address:
(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")#(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
I second the use of a regex, however Patrick's regex won't work (wrong alternation). Try:
[A-Z0-9._%+-]+#home(\.co\.uk|(group)?\.com)
And don't forget to escape backslashes in a string that you use in source code, depending on the language used.
"[A-Z0-9._%+-]+#home(\\.co\\.uk|(group)?\\.com)"
Try this:
Regex matcher = new Regex(#"([a-zA-Z0-9_\-\.]+)\#((home\.co\.uk)|(home\.com)|(homegroup\.com))");
if(matcher.IsMatch(theEmailAddressToCheck))
{
//Allow it
}
else
{
//Don't allow it
}
You'll need to add the Regex namespace to your class too:
using System.Text.RegularExpressions;
Use a <asp:RegularExpressionValidator ../> with the regular expression in the ValidateExpression property.
An extension method to do this would be:
public static bool ValidEmail(this string email)
{
var emailregex = new Regex(#"[A-Za-z0-9._%-]+(#home\.co\.uk$)|(#home\.com$)|(#homegroup\.com$)");
var match = emailregex.Match(email);
return match.Success;
}
Patricks' answer seems pretty well worked out but has a few flaws.
You do want to group parts of the regex but don't want to capture them. Therefore you'll need to use non-capturing parenthesis.
The alternation is partly wrong.
It does not test if this was part of the string or the entire string
It uses Regex.Match instead of Regex.IsMatch.
A better solution in C# would be:
string emailAddress = "someone#home.co.uk";
if (Regex.IsMatch(emailAddress, #"^[A-Z0-9._%+-]+#home(?:\.co\.uk|(?:group)?\.com)$", RegexOptions.IgnoreCase))
{
// email address is valid
}
Of course to be completely sure that all email addresses pass you can use a more thorough expression:
string emailAddress = "someone#home.co.uk";
if (Regex.IsMatch(emailAddress, #"^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*#home(?:\.co\.uk|(?:group)?\.com)$", RegexOptions.IgnoreCase))
{
// email address is valid
}

Resources