Double encoded url being fully decoded in ASP.NET

I have just come across something that is quite strange and yet I haven't found any mention on the interwebs of others having the same problem.

If I hit my ASP.NET application with a double encoded url then the Request["myQueryParam"] will do a double decode of the query for me. This is not desirable as I have double encoded my query string for a good reason.

Can others confirm I'm not doing something obviously wrong, and why this would happen. A solution to prevent it, without doing some nasty query string parsing, would be great too!

As an example if you hit the url: http://localhost/MyApp?originalUrl=http%3a%2f%2flocalhost%2fAction%2fRedirect%3fUrl%3d%252fsomeUrl%253futm_medium%253dabc%2526utm_source%253dabc%2526utm_campaign%253dabc

(For reference %25 is the % symbol)

Then look at the Request["originalUrl"] (page or controller) the string returned is:

http://localhost/Action/Redirect?Url=/someUrl?utm_medium=abc&utm_source=abc&utm_campaign=abc

I would expect:

http://localhost/Action/Redirect?Url=%2fsomeUrl%3futm_medium%3dabc%26utm_source%3dabc%26utm_campaign%3dabc

I have also checked in Fiddler and the URL is being passed to the server correctly (one possible culprit could have been the browser decoding the URL before sending).


Relax, the handling of encoded parameters by HttpRequest is not broken.

In fact, both as a hyperlink and a direct navigation from address bar result in your 'expected' result in the Request.

<a href="WebForm1.aspx?originalUrl=http%3a%2f%2flocalhost%2fAction%2fRedirect%3fUrl%3d%252fsomeUrl%253futm_medium%253dabc%2526utm_source%253dabc%2526utm_campaign%253dabc">HEY</a>

and

WebForm1.aspx?originalUrl=http%3a%2f%2flocalhost%2fAction%2fRedirect%3fUrl%3d%252fsomeUrl%253futm_medium%253dabc%2526utm_source%253dabc%2526utm_campaign%253dabc

result: http://localhost/Action/Redirect?Url=%2fsomeUrl%3futm_medium%3dabc%26utm_source%3dabc%26utm_campaign%3dabc

You must be doing something with the URL beforehand, like redirecting or stuffing a NavigateUrl property of an asp.net control and letting asp.net render it which might be performing the first decode before it hits the target page.
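
To locate the hop where the extra decode happens, as the answer above suggests, compare one decode pass with a second one on the question's query string and count the encoding layers that remain. This is an added C# example, not code from the original posts; `DecodeDepthDemo` and `EncodingDepth` are hypothetical names, and the input is the query string from the question.

```csharp
using System;
using System.Web; // HttpUtility: System.Web on .NET Framework, System.Web.HttpUtility on .NET Core/5+

static class DecodeDepthDemo
{
    // Query string from the question (only the part after '?').
    const string RawQuery =
        "originalUrl=http%3a%2f%2flocalhost%2fAction%2fRedirect%3fUrl%3d%252fsomeUrl" +
        "%253futm_medium%253dabc%2526utm_source%253dabc%2526utm_campaign%253dabc";

    // Hypothetical helper: number of decode passes until the value stops changing.
    // The cap keeps a crafted, deeply nested value from looping for long.
    static int EncodingDepth(string value, int max = 5)
    {
        int depth = 0;
        while (depth < max)
        {
            string next = Uri.UnescapeDataString(value);
            if (next == value) break;
            value = next;
            depth++;
        }
        return depth;
    }

    static void Main()
    {
        // One pass: what a single query-string parse hands to the application.
        string once = HttpUtility.ParseQueryString(RawQuery)["originalUrl"];

        // Second pass: simulates an extra decode somewhere before the target page,
        // for example a redirect built from an already decoded value.
        string twice = HttpUtility.UrlDecode(once);

        Console.WriteLine("after one pass : " + once);
        Console.WriteLine("  layers left  : " + EncodingDepth(once));
        Console.WriteLine("after two passes: " + twice);
        Console.WriteLine("  layers left  : " + EncodingDepth(twice));
    }
}
```

Logging the same depth count for the value at each hop (before a redirect is issued, and again in the target page) shows which step drops a layer.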


I think this has to do with your browser.

Looking at Google's Browser Security Document, the following browsers translate non-reserved %nn sequences in the address bar: MSIE7, MSIE8, FF3, Opera, Chrome.

In which browsers have you tested this outcome?
