?
Solved

encoding querystrings

Posted on 2001-06-20
7
Medium Priority
?
410 Views
Last Modified: 2012-08-13
Whats the best way to encode a URL with a querystring, eg
in my asp code create a hyperlink:
<a href="view_details.asp?action=123&my_var=test">TEXT</a>
so the querystring is encoded, and the values aren't so obvious.
Just clarifying also that simple replace function can be used in the next page to decode eg
REPLACE(string,"%0D%0A",vbCrLf)
0
Comment
Question by:louise_8
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 10

Expert Comment

by:makerp
ID: 6209564
enc_string = Server.URLEncode(string)

is the proper way, this deals with spaces and the like. my_var should definatly be encoded as its text and the user may enter illegal chars that need encoding, i always run strings through URLEncode to be safe. they are automaticaly decoded
0
 

Author Comment

by:louise_8
ID: 6209664
makerp,
Thansk for your comment, one question though, instead of encoding the string first, how could I achieve this in a href
eg
<%response.write "<a href=view_details.asp?action=123&test="&varPage_title)>")TEST</a>"%>
where would I include the Server.URLEncode, everytime I paste it in, I get either a syntax error or an incomplete querystring, I wish to include it in this line rather than encoding the string separately
Thanks
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209700
Response.Write("<A HREF="&Server.URLEncode("view_details.asp?action=123&test="&varPage_title")&">TEST</A>")
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:louise_8
ID: 6209760
thanks

Can I just confirm that this is a good enough way to hide values being sent to pages or is there a better way, ie if we had a value 456, that could relate to a db value or something critical is there a simple yet efficient way to encode the URL, or is URLEncode the only way to achieve this without writing an encode function within the script, this should be my last query.
0
 
LVL 10

Accepted Solution

by:
makerp earned 160 total points
ID: 6209870
no, this will encode values in the correct way for HTTP. if you want to garble numbers etc then you will have to use some cypher algorithm and then de-cypher at the receving end. the best way to pass data like this is in hidden fields but this requires you to submit a form, this may/may not be a problem depending if your passing data on the href which you currently are.

theres no easy bullet proof way to do this
0
 

Author Comment

by:louise_8
ID: 6209886
Thanks for your help makerp
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209898
glad to help, have a nice day :)
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:   The Exchange of informatio…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question