Coffeehouse Thread

10 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

I DEMAND a recount

Back to Forum: Coffeehouse
  • User profile image
    SaraJo


    Ok, so I've been wresting with my application for hours. I wasn't able to debug my VB.NET script in my .aspx page so troubleshooting was rough.

    When I FIANLLY got to the solution, it turns out that when I sent a UrlEncoded string through a query string it was already decoded when I did a request.QueryString.  I did NOT have to do a UrlDecode(QueryStringValue)

    I have decided that this is crap and makes no sense. My boss insists that there is nowhere that is documented that once you send a coded value through a query string you subsequently have to decode it. I think that negates the definition of calling it "UrlEncoding" why not just "UrlYouCanNowPassThroughQueryString" or "UrlThatWillNotRedirectYourPage" or "UrlThisIsSomethingYouCanUnderstandNotSomeCrapThatWillKeepYouUpAllNight"

  • User profile image
    Minh

    Quick question... what happen if you UrlDecode an UrlEncoded string twice? Wouldn't you get the same value if you only did it once? I'm too lazy to test...

  • User profile image
    Maddus Mattus

    <comfort>
       <subject name="SaraJo" />
    </comfort>

    These types of lessons are always learned the hard way Smiley

  • User profile image
    Sven Groot

    Minh wrote:
    Quick question... what happen if you UrlDecode an UrlEncoded string twice? Wouldn't you get the same value if you only did it once? I'm too lazy to test...

    Not necessarily. If the decoded string contains % signs, there may be a difference.

    SaraJo, it does make sense. UrlEncode makes it safe to make a string part of a URL. If there's characters in there that a URL can't contain they are escaped so you can put them in the URL anyway.

    When you retrieve a value from the querystring, naturally you want the real string, not the one with all the escapes in it that was only created for the sake of putting it in the URL. So why doesn't it make sense that Request.QueryString would decode that string for you?

  • User profile image
    Minh

    Sven Groot wrote:
    
    Not necessarily. If the decoded string contains % signs, there may be a difference.
    Aah, yes, you're right. That means that SaraJo has a decoded string that contains a %. So, when she decoded it again, she gets a different string.

    Anyone else think SaraJo UrlEncode a string twice? Because I can't think of why you would legitimately have a % in a decoded string.

  • User profile image
    SaraJo

    Minh wrote:
    
    Sven Groot wrote:
    
    Not necessarily. If the decoded string contains % signs, there may be a difference.
    Aah, yes, you're right. That means that SaraJo has a decoded string that contains a %. So, when she decoded it again, she gets a different string.

    Anyone else think SaraJo UrlEncode a string twice? Because I can't think of why you would legitimately have a % in a decoded string.


    SaraJo doesn't think she encoded it twice. There was no % it was a hashed string and had many characters like + = / and so on.

  • User profile image
    SaraJo

    Maddus Mattus wrote:
    

    <comfort>
       <subject name="SaraJo" />
    </comfort>

    These types of lessons are always learned the hard way



    Smiley thanks.

  • User profile image
    Minh

    SaraJo wrote:
    
    SaraJo doesn't think she encoded it twice. There was no % it was a hashed string and had many characters like + = / and so on.
    Aahh... well... Um... In my expert opinion, I don't recommend decoding a string like that twice, then. [6]

  • User profile image
    Matthew van Eerde

    Two questions...

    1) How did it end up in the querystring?  There are some operations that have an automatic UrlEncode in them (like setting a form element's value.)

    2) How are you pulling it from the querystring?  Are you pulling it out by name, or are you using the raw Request.QueryString property?

    IIRC, Request.QueryString has the raw characters sent in the HTTP request, but Request.QueryString(foo) has an automatic UrlDecode in it.

  • User profile image
    Maddus Mattus

    It's kinda like the ViewState.

    You don't have to know it is encoded, you just use it:

    ViewState["UserID"]

    or the Session:

    Session["UserID"]

    It's a statebag, how it persists it's state is up to the bag. Cool

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.