Why do I get a 400 - bad request error using the following URL? It is encoded using Server.UrlEncode. The actual path query parameter is C:\Development\Chase\Exports\ChaseExport-090312073930.zip
http://localhost:50199/Common/Forms/Export_Stream.aspx%3fpath%3dC%3a%5CDevelopment%5CChase%5CExports%5CChaseExport-090312073930.zip
You should not urlencode the entire querystring, just the values, so URL should be
http://localhost:50199/Common/Forms/Export_Stream.aspx?path=C%3a%5CDevelopment%5CChase%5CExports%5CChaseExport-090312073930.zip
I've written an article with Stefan's help that explains how to do this:
Experiments in Wackiness: Allowing percents, angle-brackets, and other naughty things in the ASP.NET/IIS Request URL
Try this:
http://localhost:50199/Common/Forms/Export_Stream.aspx?path=C%3a%5CDevelopment%5CChase%5CExports%5CChaseExport-090312073930.zip
Related
I am trying to make a POST request to the following url: http://xxx.xxx.xxx.xxx/api/signup
However I get this response:
http://xxx.xxx.xxx.xxx/api/signup?first_name=&last_name=&email_id=&password=&dob ...Please pass parameters...
So I tried making the request like this:
http://xxx.xxx.xxx.xxx/api/signup?first_name=Jay&last_name=Last&email_id=Jay#test.com&password=qqq&dob=1/1/15
But I get the same response.
I have no idea what the correct syntax is supposed to be...
Can someone please explain how I should rewrite the url?
Edit
After I make the request, if successful, I get a response saying "success new user" and a JSON with the key/vals
Does encoding your values make any difference?
for example:
http://xxx.xxx.xxx.xxx/api/signup?first_name=Jay&last_name=Last&email_id=Jay%40test.com&password=qqq&dob=1%2F1%2F15
I am using the Google QR-Code API to create a QR-Code that includes a URL. This is the URL I am using:
https://chart.googleapis.com/chart?chs=500x500&cht=qr&chl=http://www.test.de/Web/Portale/Form.aspx?PortalId=1&FormName=DetailsForm1&EstateId=14490
What I want in the QR-Code is:
http://www.test.de/Web/Portale/Form.aspx?PortalId=1&FormName=DetailsForm1&EstateId=14490
What I get is:
http://www.test.de/Web/Portale/Form.aspx?PortalId=1
So its cutting at the "&". Any ideas how to solve that?
Thanks :-)
You have to escape for your URL part before parsing into chl parameter.
A simple way would be replacing & with %26 for your url portion.
Try this instead: https://chart.googleapis.com/chart?chs=500x500&cht=qr&chl=http://www.test.de/Web/Portale/Form.aspx%3FPortalId=1%26FormName=DetailsForm1%26EstateId=14490
You need to URL encode the value of the chl parameter. Otherwise the & in that embedded URL will be interpretted as a delimiter for the parameters in the querystring of the outer googleapis.com URL.
If you are using Javascript you can use encodeURIComponent('http://www.test.de/Web/Portale/Form.aspx?PortalId=1&FormName=DetailsForm1&EstateId=14490') to do the encoding.
Solved this, the solution was to use the following code:
Server.UrlEncode(string url)
Now it works perfectly :).
Thanks, encoding was what made it click for me :).
In ASP.NET, is there any way to get the real raw URL?
For example, if a user browse to "http://example.com/mypage.aspx/%2F", I would like to be able to get "http://example.com/mypage.aspx/%2F" rather than "http://example.com/mypage.aspx//".
I would of course like a clean way to do it, but I can live with a hacky approach using reflection or accessing obscure properties.
At the moment, I try to use the uri in the Authorization-header (which works), but I cannot rely on that always being there.
EDIT:
What I really want to do is to be able to distinguish between "http://example.com/mypage.aspx/%2F" and "http://example.com/mypage.aspx/%2F%2F".
It looks like ASP.NET first converts "%2F%2F" into "//" and then converts the slashes into a single slash.
So just re-encoding it is not going to work.
I wasn't able to test this because it only works in IIS and not the ASP.NET Development Server that is part of Visual Studio, but try:
Request.ServerVariables[ "HTTP_URL" ]
The following code works for me:
IServiceProvider serviceProvider = (IServiceProvider)HttpContext.Current;
HttpWorkerRequest workerRequest = (HttpWorkerRequest)serviceProvider.GetService(typeof(HttpWorkerRequest));
string realUrl = workerRequest.GetServerVariable("HTTP_URL");
Note that this only works when running on the IIS and not under f.x. ASP.NET Development Server!
Thanks to Lucero for the answer in another thread and Zhaph for pointing me to the thread.
See also:
Get the exact url the user typed into the browser
Server.HtmlEncode(Request.RawUrl);
The raw URL is defined as the part of the URL following the domain information. In the URL string http://www.contoso.com/articles/recent.aspx, the raw URL is /articles/recent.aspx. The raw URL includes the query string, if present.
see also:link text
I can't test here, but this might be what you need:
Request.Url.AbsoluteUri
Request.RawUrl will return the application relative path(including querystring info) while Request.Url will return the complete path(including querystring info).
For more information, see "Making sense of ASP.NET paths".
Well, you could just encode it back to the url-encoded version.
Get the url from the request and urlencode only the query string part and then concatenate them
For example:
http://stackoverflow.com/questions/698627/ms-access-properties
The number is part of the URL but is an argument to the web app as opposed to other options like:
http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
where all the args come after the '?'. I have used the second form before and I'm only trying to learn about the first form.
I'm sure I can find what else I need once I known what that's called so I can Google it.
URL Rewriting, generally.
Edit: Here is a good introduction to URL Rewriting.
Variables passed in the form of a URL are called the Query String. In a url like:
http://examples.com?a=b&c=d&e=f
The query string is ?a=b&c=d&e=f
In the Stackoverflow example, it uses URL Rewriting, specifically with MVC Routing to make 'pretty URLs'. There are other ways to do it in other languages. Some make use of Apache's mod_rewrite (example) while others parse the requested URI. In PHP a url like
http://example.com/index.php/test/path/info
can be parsed by reading $_SERVER['PATH_INFO'] which is /text/path/info.
Generally, they are using URL Rewriting to simulate the query string however. In the Stackoverflow example:
http://stackoverflow.com/questions/698711/what-is-the-name-for-that-thing-that-lets-part-of-the-url-be-an-argument
The important parts are the questions/698711. You can change the title of the question with impunity but the other two parts you cannot.
It's usually called the 'path info'.
That's just URL mapping. It lets you use pretty URLs instead of a large query string.
I believe the StackOverflow URL works that way because it is using MVC whereas your bottom example is using standard requests.
It is indeed done by URL rewriting.
Usually, web application frameworks do this automatically if you install it correctly on your server.
Check out CakePHP as an example.
It's called a URL parameter and uses the HTTP GET method. As others mentioned, it can be rewritten using URL rewriting so that the URL is easier to read and use. Some search keywords: "SEF URLs", "Apache Rewrite", "pretty URLs".
I'm working on a legacy app and for whatever reason it's trying to stuff URL-encoded angle brackets into a URL. For example, to get a URL ending with "<sometext>":
http://somesite.com/somefolder/%3csometext%3e
When the above URL-encoded URL is fetched, it generates a 400 error (Bad Request) on IIS6 and I can't quite figure out why. Probably something simple, but I'm stumped.
Ideas? Thanks.
You must have URLScan tool installed (http://technet.microsoft.com/en-us/security/cc242650.aspx) which disallows angle brackets (in any form).
According to this,
The new default urlscan.ini contains a rule in it to protect against these sort of patterns and the rule is just simply:
[DenyQueryStringSequences]
<
>