开发者

Context.Request.RawUrl returns a wrong partially encoded url, how can I fix it?

Since I decided to pass the id of a particular record via query string so I encrypted the id (id=090ed4fe-daec-452d-b025-f664dcc1164d) and attached it's value to the url.

As we all know the url encoded value for / is %2f. So, on a particular instance of the application an id value (id=090ed4fe-daec-452d-b025-f664dcc1164d), which was encrypted and then encoded returns a value:

M2vaIbPkOqO6lw4jv%2bqE2f%2fhTrK495ny92uPcLBOJBNcMpg1RUme%2fvAo6LyKfdp9e

When I hover across开发者_运维技巧 the a link I get:

M2vaIbPkOqO6lw4jv+qE//hTrK495ny92uPcLBOJBNcMpg1RUme/vAo6LyKfdp9e

for the "encrypted and encoded" part which is right. But when I use the Context.Request.RawUrl property to retrieve the url I get:

M2vaIbPkOqO6lw4jv+qE/hTrK495ny92uPcLBOJBNcMpg1RUme/vAo6LyKfdp9e

So the problem is that it remove one(1) '/' from the string and hence I can not decrypt the string anymore.

By the way I have had this module for months now and have never encountered this problem. It just turns out that I'm having two(2) '/'(2f%2f) adjacent to each other for the first time.

Please, is there anyway I can make Context.Request.RawUrl return the right string and stop it from striping off one(1) '/'?


It sounds very much like you're suffering the effects of URL normalization, see "Remvoing duplicate slashes" somehow. *It's worth mentioning that your encoded example shows %2bqE2f%2f, which is missing a % prior to the first 2f. Is that pertinent?

That said, I've been entirely unable to reproduce your issue (with the test case I show below) so perhaps you could share some more information?

WebForm1.aspx (skipping head/body/form tags for brevity):

<a href="WebForm1.aspx?id=M2vaIbPkOqO6lw4jv+qE//hTrK495ny92uPcLBOJBNcMpg1RUme/vAo6LyKfdp9e">Click!</a>
<a href="WebForm1.aspx?id=M2vaIbPkOqO6lw4jv%2bqE%2f%2fhTrK495ny92uPcLBOJBNcMpg1RUme%2fvAo6LyKfdp9e">Click Encoded!</a>
<br />
<br />
<asp:Label runat="server" ID="myLabel">
</asp:Label>

WebForm1.aspx.cs:

protected void Page_Load(object sender, EventArgs e)
{
    myLabel.Text = "<pre>" + Request.RawUrl + "</pre>";
}
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜