Solved

encoding querystrings

Posted on 2001-06-20
7
379 Views
Last Modified: 2012-08-13
Whats the best way to encode a URL with a querystring, eg
in my asp code create a hyperlink:
<a href="view_details.asp?action=123&my_var=test">TEXT</a>
so the querystring is encoded, and the values aren't so obvious.
Just clarifying also that simple replace function can be used in the next page to decode eg
REPLACE(string,"%0D%0A",vbCrLf)
0
Comment
Question by:louise_8
  • 4
  • 3
7 Comments
 
LVL 10

Expert Comment

by:makerp
ID: 6209564
enc_string = Server.URLEncode(string)

is the proper way, this deals with spaces and the like. my_var should definatly be encoded as its text and the user may enter illegal chars that need encoding, i always run strings through URLEncode to be safe. they are automaticaly decoded
0
 

Author Comment

by:louise_8
ID: 6209664
makerp,
Thansk for your comment, one question though, instead of encoding the string first, how could I achieve this in a href
eg
<%response.write "<a href=view_details.asp?action=123&test="&varPage_title)>")TEST</a>"%>
where would I include the Server.URLEncode, everytime I paste it in, I get either a syntax error or an incomplete querystring, I wish to include it in this line rather than encoding the string separately
Thanks
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209700
Response.Write("<A HREF="&Server.URLEncode("view_details.asp?action=123&test="&varPage_title")&">TEST</A>")
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:louise_8
ID: 6209760
thanks

Can I just confirm that this is a good enough way to hide values being sent to pages or is there a better way, ie if we had a value 456, that could relate to a db value or something critical is there a simple yet efficient way to encode the URL, or is URLEncode the only way to achieve this without writing an encode function within the script, this should be my last query.
0
 
LVL 10

Accepted Solution

by:
makerp earned 40 total points
ID: 6209870
no, this will encode values in the correct way for HTTP. if you want to garble numbers etc then you will have to use some cypher algorithm and then de-cypher at the receving end. the best way to pass data like this is in hidden fields but this requires you to submit a form, this may/may not be a problem depending if your passing data on the href which you currently are.

theres no easy bullet proof way to do this
0
 

Author Comment

by:louise_8
ID: 6209886
Thanks for your help makerp
0
 
LVL 10

Expert Comment

by:makerp
ID: 6209898
glad to help, have a nice day :)
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have helped a lot of people on EE with their coding sources and have enjoyed near about every minute of it. Sometimes it can get a little tedious but it is always a challenge and the one thing that I always say is:  The Exchange of information …
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question