Special chars in querystrings in IE don't get properly decoded - asp.net

I have an issue with IE: when sending a querystring with special characters in it, for instance with the "Ø" (name=bjørn), in asp.net it will somehow be encoded into "name=bj%ufffdrn"; "ø" gets translated into "%ufff".
I would like to know how to decode this into the right characters.
This only happens with IE not with FF, Ch or opera.
Any ideas?
Thanks!

Firstly, you shouldn't be using htmlspecialchars to encode a URL. In PHP use urlencode (see http://uk3.php.net/manual/en/function.urlencode.php). Then ASP.NET should decode the URL parameters for you.

Related

ASP Request.QueryString doesn't html decode "&" from URL query string

In ASP having this URL:
http://www.example.com?foo=1&bar=2
Request.QueryString["bar"] returns NULL
The URL is a map area "href" link which I have assigned like so:
PolygonHotSpot p = new PolygonHotSpot();
p.NavigateUrl = "http://www.example.com?foo=1&bar=2";
ASP automatically HTML encodes the URL for the href, but it is not HTML decoding it again in the request therefore query string "bar" is not found.
Now I am using IIS URL Rewrite 2 module. Maybe this module is causing the problem? What can I do to solve it? I have tried using URL rewrite rules but couldn't figure out how or if it is the proper way.
It's probably not a good idea, but you could use Request.ServerVariables("QUERY_STRING") (or Request.ServerVariables["QUERY_STRING"] - your tags say ASP classic but your code looks like C#?) to get at the entire thing and then process it yourself.
I think there must be something deeper wrong though. A link can be encoded to be sent to the browser - the browser does the work of decoding it before navigating to the link. You can demonstrate this with a simple <a href="/test?a=1&b=2"> in a test script - the browser ends up correctly at /test?a=1&b=2. Testing it with a polygonal image map shows the same behaviour.
If you can show me what is in your actual HTML output for the image map I might be able to help more.

URL with Cyrillic querystring not working in IE (but working in Firefox)

On our site, I use the category (in Russian) in the querystring.
E.g.: http://www.odinklik.ru/kategoriya.aspx?cat=люди
If you paste this link in IE8, it is translated to cat=???? and it does not work.
If I paste it in Firefox, it works.
It gets even more weird: the same URL is reachable from the homepage, and if I click the same URL in IE8 from the homepage it works fine (unless I click open in a new tab, then it is back to ????).
I am using ASP.NET 3.5(C#)
Did you try to do encoding on first page and decode from Cyrillic to Unicode and back?
A little bit of a headache, but it surely will work.
You should URL-encode the category name before adding it to the querystring, rather than relying on the browser to do that for you.
The method HttpServerUtility.UrlEncode should be able to handle this encoding for you.
HttpServerUtility.UrlEncode should give you the link http://www.odinklik.ru/kategoriya.aspx?cat=%D0%BB%D1%8E%D0%B4%D0%B8, which should give you the correct result.
(Note that %D0%BB corresponds to л, %D1%8E to ю, %D0%B4 to д and %D0%B8 to и. As the Unicode values for Cyrillic characters are over U+ff, you will require two URL-encoding bytes for each character.)

AntiXss.UrlEncode vs. AntiXss.HtmlAttributeEncode usage in link (a href)

According to old AntiXss article on MSDN AntiXss.UrlEncode is used to encode link href (Untrusted-input in the following example):
Click Here!
My understanding was, that UrlEncode should be used only when setting something to URL, like when setting document.location with JS. So why don't I use HtmlAttributeEncode in the previous example to encode [Untrusted-input]? On the other hand is there a security flaw if I use UrlEncode to encode HTML attributes like in the above sample?
Url Encode encodes URL parameters for use in anchor tags.
Html Attribute encode encodes things for use in general HTML attributes.
Both encoding types vary - unsafe characters in HTML attribute encoding will be turned into a &xxx; form, in URL encoding they'll turn into %xxx. Whilst it's probably unlikely getting it wrong would cause a security problem your data wouldn't be properly rendered in the browser, or understood in a request.
(Indeed Url encoding is probably going to change because of an incompatibility with older browsers, and HTML Encoding will change in the next CTP drop to allow for safe listing of particular Unicode ranges).
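The two encodings are not alternatives when the untrusted value is a URL parameter inside an href: the value is URL-encoded first, and the finished URL is then HTML-attribute-encoded, which the browser reverses before it sends the request. The sketch below is an added example, not code from the post or from the AntiXss library; it is JavaScript rather than ASP.NET, the helper names are illustrative, and the `name` value is constructed.

```javascript
// Characters that can terminate an attribute value or start markup.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Layer 2: make a string safe to place inside a quoted HTML attribute.
function htmlAttributeEncode(s) {
  return s.replace(/[&<>"']/g, (c) => ENTITIES[c]);
}

// Layer 1 + layer 2: percent-encode each parameter (UTF-8), join with '&',
// then attribute-encode the whole URL, including that '&' separator.
function buildLink(path, params, text) {
  const query = Object.entries(params)
    .map(([k, v]) => encodeURIComponent(k) + '=' + encodeURIComponent(v))
    .join('&');
  return '<a href="' + htmlAttributeEncode(path + '?' + query) + '">' +
    htmlAttributeEncode(text) + '</a>';
}

// What the browser does with the attribute before navigating: HTML-decode only.
function browserResolveHref(html) {
  const reverse = Object.fromEntries(Object.entries(ENTITIES).map(([c, e]) => [e, c]));
  const attr = /href="([^"]*)"/.exec(html)[1];
  return attr.replace(/&(?:amp|lt|gt|quot|#39);/g, (e) => reverse[e]);
}

// What the server does with the request: split on '&', then percent-decode.
function parseQuery(url) {
  const out = {};
  for (const pair of url.split('?')[1].split('&')) {
    const [k, v] = pair.split('=');
    out[decodeURIComponent(k)] = decodeURIComponent(v);
  }
  return out;
}

// 'cat' is the category from the Cyrillic thread; 'name' is a constructed
// value containing every character that matters to either layer.
const link = buildLink('/kategoriya.aspx',
  { cat: '\u043b\u044e\u0434\u0438', name: '"><b>&\'' }, 'Click Here!');
console.log(link);
console.log(parseQuery(browserResolveHref(link)));
```

The apostrophe shows why the second layer is still needed: `encodeURIComponent` leaves it untouched, so only the attribute encoding stops it from closing a single-quoted attribute.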

Strange error in IE

I have a URL with unicode characters in it
http://www.argaam.com/Common/Handlers/DownloadAttachment.aspx?referer=/portal&fileName=اعمار. -الربع الثاني_633857794599657020.pdf&folder=\CompanyFinancialResults\
This is working fine in Firefox and Chrome and Safari, but when the request is sent from IE the server sends me to an Error page.
OK, I got the request the server receives and it's like this
IE
GET /Common/Handlers/DownloadAttachment.aspx?referer=/portal&fileName=?????.%20-?????%20??????_633857794599657020.pdf&folder=\CompanyFinancialResults\ HTTP/1.1
FireFox
GET /Common/Handlers/DownloadAttachment.aspx?referer=/portal&fileName=%D8%A7%D8%B9%D9%85%D8%A7%D8%B1.%20-%D8%A7%D9%84%D8%B1%D8%A8%D8%B9%20%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A_633857794599657020.pdf&folder=\CompanyFinancialResults\ HTTP/1.1
So for some reason IE is not encoding the multibyte characters properly !!
Anyone has any idea why?
Your link should be URLEncoded when placed in the HTML, rather than relying on the browser to try to encode the URL for you. (IE's behavior for which varies depending on the client's OS/language, etc).
It looks like the URL has multi-byte characters in it. I haven't experienced this, so not sure if that's part of the issue? Also the URL looks like it has a filename; it could be that filenames with those characters cannot exist or the file does not exist?
Try making the registry changes documented on this page at Microsoft:
Internet Explorer May Not Connect to Web Sites with Multibyte Character Set Link or URL
To work around this behavior, you must add a registry value. Add a DWORD registry value named MBCSServername with a data value of 0 to the following registry key:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
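The difference between the two captured requests above, and the `%ufffd` form from the first question, can be detected on the server before the value is used as a file name or category. The following is an added example, not code from any of the posts; it is JavaScript rather than ASP.NET, the function name and status labels are illustrative, and the last sample value is constructed.

```javascript
// Classifies one raw (still percent-encoded) query-string value.
function classifyQueryValue(raw) {
  // %uXXXX is a non-standard escape (the "bj%ufffdrn" form); reject it.
  if (/%u[0-9a-f]{4}/i.test(raw)) return { status: 'percent-u', value: null };
  // A conforming client sends printable ASCII only; anything else means the
  // value was never percent-encoded and its charset is unknown.
  if (/[^\x21-\x7e]/.test(raw)) return { status: 'unencoded', value: null };

  // Turn %XX escapes into bytes ('+' is a space in form encoding).
  const bytes = [];
  for (let i = 0; i < raw.length; i++) {
    if (raw[i] === '%') {
      const hex = raw.slice(i + 1, i + 3);
      if (!/^[0-9a-f]{2}$/i.test(hex)) return { status: 'bad-escape', value: null };
      bytes.push(parseInt(hex, 16));
      i += 2;
    } else {
      bytes.push(raw[i] === '+' ? 0x20 : raw.charCodeAt(i));
    }
  }

  // Strict UTF-8: bytes from a legacy code page fail here instead of
  // silently turning into other characters.
  let value;
  try {
    value = new TextDecoder('utf-8', { fatal: true }).decode(Uint8Array.from(bytes));
  } catch (err) {
    return { status: 'invalid-utf8', value: null };
  }
  // U+FFFD or a run of '?' means the client already replaced the text.
  if (value.includes('\ufffd') || /\?{2,}/.test(value)) return { status: 'lossy', value };
  return { status: 'ok', value };
}

// Sample values: the first four appear on this page, the last is constructed
// (windows-1251 bytes for the same Cyrillic word as the second sample).
const SAMPLES = [
  'bj%ufffdrn',
  '%D0%BB%D1%8E%D0%B4%D0%B8',
  '?????.%20-?????%20??????_633857794599657020.pdf',
  '%D8%A7%D8%B9%D9%85%D8%A7%D8%B1.%20-%D8%A7%D9%84%D8%B1%D8%A8%D8%B9%20%D8%A7%D9%84%D8%AB%D8%A7%D9%86%D9%8A_633857794599657020.pdf',
  '%EB%FE%E4%E8',
];
for (const s of SAMPLES) console.log(classifyQueryValue(s).status, s);
```

A value classified as `lossy` cannot be repaired on the server, because the original characters never left the client; the request can only be rejected or logged.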

How to embed audio file in HTML if it's being sent as octet-stream?

I'm trying to write a Greasemonkey script that will convert all "Play" links on a page to embedded audio (using the <embed> tag).
When I use a link that I get from a GMail attachment, it works like a charm.
When I use a link from another site (Digium Switchvox), the HTTP response header has ContentType set to "application/octet-stream" instead of "audio/x-wav" (like GMail's link). This confuses Firefox, which decides that I don't have the right plugin installed. If I set the type attribute in the <embed> tag to "audio/x-wav", Firefox uses Quicktime to load the file. Quicktime gets confused, however, and won't play the file.
Does anyone know of a clever way to solve this problem?
Have you tried overrideMimeType?
overrideMimeType
String (Compatibility: 0.6.8+) Optional.
A MIME type to specify with the request (E.G. "text/html; charset=ISO-8859-1").
