Solved

encoding querystrings

Posted on 2001-06-20
7
369 Views
Last Modified: 2012-08-13
Whats the best way to encode a URL with a querystring, eg
in my asp code create a hyperlink:
<a href="view_details.asp?action=123&my_var=test">TEXT</a>
so the querystring is encoded, and the values aren't so obvious.
Just clarifying also that simple replace function can be used in the next page to decode eg
REPLACE(string,"%0D%0A",vbCrLf)
0
Comment
Question by:louise_8
  • 4
  • 3
7 Comments
 
LVL 10

Expert Comment

by:makerp
ID: 6209564
enc_string = Server.URLEncode(string)

is the proper way, this deals with spaces and the like. my_var should definatly be encoded as its text and the user may enter illegal chars that need encoding, i always run strings through URLEncode to be safe. they are automaticaly decoded
0
 

Author Comment

by:louise_8
ID: 6209664
makerp,
Thansk for your comment, one question though, instead of encoding the string first, how could I achieve this in a href
eg
<%response.write "<a href=view_details.asp?action=123&test="&varPage_title)>")TEST</a>"%>
where would I include the Server.URLEncode, everytime I paste it in, I get either a syntax error or an incomplete querystring, I wish to include it in this line rather than encoding the string separately
Thanks
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209700
Response.Write("<A HREF="&Server.URLEncode("view_details.asp?action=123&test="&varPage_title")&">TEST</A>")
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:louise_8
ID: 6209760
thanks

Can I just confirm that this is a good enough way to hide values being sent to pages or is there a better way, ie if we had a value 456, that could relate to a db value or something critical is there a simple yet efficient way to encode the URL, or is URLEncode the only way to achieve this without writing an encode function within the script, this should be my last query.
0
 
LVL 10

Accepted Solution

by:
makerp earned 40 total points
ID: 6209870
no, this will encode values in the correct way for HTTP. if you want to garble numbers etc then you will have to use some cypher algorithm and then de-cypher at the receving end. the best way to pass data like this is in hidden fields but this requires you to submit a form, this may/may not be a problem depending if your passing data on the href which you currently are.

theres no easy bullet proof way to do this
0
 

Author Comment

by:louise_8
ID: 6209886
Thanks for your help makerp
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209898
glad to help, have a nice day :)
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now