C# URLDecode 后 QueryString 格式错误
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/123994/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
QueryString malformed after URLDecode
提问by pdavis
I'm trying to pass in a Base64 string into a C#.Net web application via the QueryString. When the string arrives the "+" (plus) sign is being replaced by a space. It appears that the automatic URLDecode process is doing this. I have no control over what is being passed via the QueryString. Is there any way to handle this server side?
我正在尝试通过 QueryString 将 Base64 字符串传递到 C#.Net Web 应用程序中。当字符串到达时,“+”(加号)符号被空格替换。似乎自动 URLDecode 进程正在执行此操作。我无法控制通过 QueryString 传递的内容。有没有办法处理这个服务器端?
Example:
例子:
http://localhost:3399/Base64.aspx?VLTrap=VkxUcmFwIHNldCB0byAiRkRTQT8+PE0iIHBsdXMgb3IgbWludXMgNSBwZXJjZW50Lg==
Produces:
产生:
VkxUcmFwIHNldCB0byAiRkRTQT8 PE0iIHBsdXMgb3IgbWludXMgNSBwZXJjZW50Lg==
People have suggested URLEncoding the querystring:
人们建议对查询字符串进行 URLEncoding:
System.Web.HttpUtility.UrlEncode(yourString)
I can't do that as I have no control over the calling routine (which is working fine with other languages).
我不能这样做,因为我无法控制调用例程(这在其他语言中运行良好)。
There was also the suggestion of replacing spaces with a plus sign:
还有人建议用加号替换空格:
Request.QueryString["VLTrap"].Replace(" ", "+");
I had though of this but my concern with it, and I should have mentioned this to start, is that I don't know what othercharacters might be malformed in addition to the plus sign.
我虽然想到了这一点,但我对此的担忧,我应该首先提到这一点,是我不知道除了加号之外还有哪些其他字符可能格式不正确。
My main goal is to intercept the QueryString before it is run through the decoder.
我的主要目标是在通过解码器运行 QueryString 之前拦截它。
To this end I tried looking at Request.QueryString.toString() but this contained the same malformed information. Is there any way to look at the raw QueryString beforeit is URLDecoded?
为此,我尝试查看 Request.QueryString.toString() ,但它包含相同的格式错误的信息。有没有办法在URLDecoded之前查看原始 QueryString ?
After further testing it appears that .Net expects everything coming in from the QuerString to be URL encoded but the browser does not automatically URL encode GET requests.
经过进一步测试,似乎 .Net 期望来自 QuerString 的所有内容都进行 URL 编码,但浏览器不会自动对 GET 请求进行 URL 编码。
采纳答案by Troels Thomsen
You could manually replace the value (argument.Replace(' ', '+')) or consult the HttpRequest.ServerVariables["QUERY_STRING"](even better the HttpRequest.Url.Query) and parse it yourself.
您可以手动替换值 ( argument.Replace(' ', '+')) 或咨询HttpRequest.ServerVariables["QUERY_STRING"](甚至更好的 HttpRequest.Url.Query)并自己解析它。
You should however try to solve the problem where the URL is given; a plus sign needs to get encoded as "%2B" in the URL because a plus otherwise represents a space.
但是,您应该尝试解决给出 URL 的问题;加号需要在 URL 中编码为“%2B”,因为加号否则表示空格。
If you don't control the inbound URLs, the first option would be preferred as you avoid the most errors this way.
如果您不控制入站 URL,则首选第一个选项,因为您可以通过这种方式避免最多的错误。
回答by Nir
If you URLEncode the string before adding it to the URL you will not have any of those problems (the automatic URLDecode will return it to the original state).
如果在将字符串添加到 URL 之前对字符串进行 URLEncode,则不会遇到任何这些问题(自动 URLDecode 会将其返回到原始状态)。
回答by Ryan White
I am by no means a C# developer but it looks like you need to url ENCODE your Base64 string before sending it as a url.
我绝不是 C# 开发人员,但看起来您需要在将 Base64 字符串作为 url 发送之前对其进行 url 编码。
回答by Jason Bunting
Can't you just assume a space is a + and replace it?
你不能假设一个空格是一个 + 并替换它吗?
Request.QueryString["VLTrap"].Replace(" ", "+");
;)
;)
回答by AviD
Well, obviously you should have the Base64 string URLEncoded before sending it to the server.
If you cannot accomplish that, I would suggest simply replacing any embedded spaces back to +; since b64 strings are not suposed to have spaces, its a legitimate tactic...
好吧,显然您应该在将 Base64 字符串 URLEncoded 发送到服务器之前。
如果你不能做到这一点,我建议简单地将任何嵌入的空格替换回 +; 由于 b64 字符串不应该有空格,因此它是一种合法的策略......
回答by henriksen
System.Web.HttpUtility.UrlEncode(yourString)will do the trick.
System.Web.HttpUtility.UrlEncode(yourString)会做的伎俩。
回答by Alexander
As a quick hack you could replace space with plus character before base64-decoding.
作为快速黑客,您可以在 base64 解码之前用加号字符替换空格。
回答by Tim Farley
The suggested solution:
建议的解决方案:
Request.QueryString["VLTrap"].Replace(" ", "+");
Should work just fine. As for your concern:
应该工作得很好。至于你的顾虑:
I had though of this but my concern with it, and I should have mentioned this to start, is that I don't know what other characters might be malformed in addition to the plus sign.
我虽然想到了这一点,但我对此的担忧,我应该首先提到这一点,是我不知道除了加号之外还有哪些其他字符可能格式不正确。
This is easy to alleviate by reading about base64. The only non alphanumeric characters that are legal in modern base64 are "/", "+" and "=" (which is only used for padding).
这很容易通过阅读 base64来缓解。在现代 base64 中合法的唯一非字母数字字符是“/”、“+”和“=”(仅用于填充)。
Of those, "+" is the only one that has special meaning as an escaped representation in URLs. While the other two have special meaning in URLs (path delimiter and query string separator), they shouldn't pose a problem.
其中,“+”是唯一一个在 URL 中作为转义表示具有特殊含义的。尽管其他两个在 URL 中具有特殊含义(路径分隔符和查询字符串分隔符),但它们应该不会造成问题。
So I think you should be OK.
所以我觉得你应该没问题。
回答by Oaresome
I'm having this exact same issue except I have control over my URL. Even with Server.URLDecodeand Server.URLEncodeit doesn't convert it back to a +sign, even though my query string looks as follows:
我遇到了完全相同的问题,但我可以控制我的 URL。即使使用Server.URLDecode并且Server.URLEncode它也不会将其转换回+符号,即使我的查询字符串如下所示:
http://localhost/childapp/default.aspx?TokenID=0XU%2fKUTLau%2bnSWR7%2b5Z7DbZrhKZMyeqStyTPonw1OdI%3d
When I perform the following.
当我执行以下操作时。
string tokenID = Server.UrlDecode(Request.QueryString["TokenID"]);
it still does not convert the %2bback into a +sign. Instead I have to do the following:
它仍然不会将%2b背面转换为+符号。相反,我必须执行以下操作:
string tokenID = Server.UrlDecode(Request.QueryString["TokenID"]);
tokenID = tokenID.Replace(" ", "+");
Then it works correctly. Really odd.
然后它可以正常工作。真的很奇怪。
回答by Roman Lazunin
I had similar problem with a parameter that contains Base64 value and when it comes with '+'. Only Request.QueryString["VLTrap"].Replace(" ", "+"); worked fine for me; no UrlEncode or other encoding helping because even if you show encoded link on page yourself with '+' encoded as a '%2b' then it's browser that changes it to '+' at first when it showen and when you click it then browser changes it to empty space. So no way to control it as original poster says even if you show links yourself. The same thing with such links even in html emails.
我对包含 Base64 值的参数以及带有“+”的参数有类似的问题。只有 Request.QueryString["VLTrap"].Replace(" ", "+"); 对我来说很好;没有 UrlEncode 或其他编码帮助,因为即使您自己在页面上显示编码的链接,“+”编码为“%2b”,那么浏览器首先会在显示时将其更改为“+”,当您单击它时,浏览器会更改它到空的空间。因此,即使您自己显示链接,也无法像原始海报所说的那样控制它。即使在 html 电子邮件中,此类链接也是如此。
