ASP.NET: spaces in query string parameters


Is it legal to have spaces in the parameters of a query string for an page ?

eg is

Logger.aspx?Name=Johnathon Bakewell-Tart III&age=97&address=some street, some town, come city

safer and less likely to fail than (the less readable)


? Or do I need to use quotes around items with spaces ???

LVL 19
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

yes as long as you put the '" to delimit the value

Logger.aspx?Name='"Johnathon Bakewell-Tart III&"'"&age=97&address='"some street, some town, come city&"'"
Those are really long query strings.  The way you are using it seems as though you are using it to populate some static controls on a page, rather than retrieving data bases on a record.

You could try using cookies too, and save it all in the cookie, and get the information from the cookie on the aspx page.
UrlEncode your string before sending it out...


If characters such as blanks and punctuation are passed in an HTTP stream, they might be misinterpreted at the receiving end. URL encoding converts characters that are not allowed in a URL into character-entity equivalents; URL decoding reverses the encoding. For example, when embedded in a block of text to be transmitted in a URL, the characters < and > are encoded as %3c and %3d.

You can search MSDN for urlencode for more info.


Cloud Class® Course: Ruby Fundamentals

This course will introduce you to Ruby, as well as teach you about classes, methods, variables, data structures, loops, enumerable methods, and finishing touches.

mrwad99Author Commented:
DesertWarrior, is the method you recommend as safe as the encoding recommended by dgabriel ?

RiverGuy, yes those are long strings.  I am not using it to retrieve records from a database; instead I am using it to populate my database.  Each hyperlink is in the from

LoadPage.aspx?Page=aboutMe.html&surl=Page describing me and my work

surl is the simple url, so when I output the data from my database, it would be in a table, in the form

<a href = "aboutme.html>Page describing me and my work</a href>

This simpleurl being stored makes it more visually helpful to see what the page is.  I figured it would not be as easy to understand if there were no spaces...

dgabriel,  I am not sure I can do that, because the links that contain the query strings are on normal HTML pages, so when the user clicks the link it will be passed as it is to my aspx page.  So is the method recommended by DesertWarrior the only option I have ?

Cheers for the help all thus far.
you encode them in the code of the page... for example.. you'd ouput the link from your aspx page.

like this...

String strLink = "This is my link";
String strEncoded = HttpUtility.UrlEncode(strLink);

That'll give you a URL encoded string, so then you can use it with whatever you want. Typically a response.write block inline on the page. Something like... <a href="<%Response.Write(strEncoded)%>">This is my encoded link</a>

Your other option is to use a hyperlink user control. I'd have to lookup the documentation to be sure, but my assumption is that if you set the link target to a string with spaces, it'll automatically be urlencoded for you. If not, then you'd just set the target with your encoded string.

UrlEncoding -- whether you do it manually by replacing spaces with a %20 or you use the UrlEncoding method provided by -- is the proper way to handle creating query strings with odd charachters.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mrwad99Author Commented:
So basically you are saying that all of my HTML pages I need to rename to .aspx pages just so that I can achieve this ?

I have tried without doing this and found that the browser puts the %20 wherever a space occurs in the string in the url being loaded shown in the address bar of IE - does this mean it is working ok without need for any of the above mentioned function calls ?

No, you can do it in ASP too... I gave you an ASP.Net example, because the title indicated you were working with

there is also a UrlEncode method in regular asp... it's Server.URLEncode(string) example:




Not all browsers are inteligent enough to replace a space or odd charachter. IE is just a very forgiving browser.

mrwad99Author Commented:
>>So basically you are saying that all of my HTML pages I need to rename to .aspx pages just so that I can achieve this ?

This meant that the pages that are going to contain these sorts of hyperlinks are just normal (.html) pages.  So I do have to rename them with .aspx (I am only using .NET) in order to use UrlEncode then.

<a href="<%Response.Write(UrlEncode(<hyperlink>))%>">This is my encoded link</a>

is the form I will need, correct ?
OK, sorry I misunderstood that you're using regular HTML pages and posting to pages.

You can use a built in javascript function called encode to accomplish the same thing as urlencode.

There IS a limit of 2000 characters for query strings.  Most modern browsers ignore this and go waaay past it, but it's part of the spec so be aware of it.  Why are you using GET instead of POST in your forms?  If you used POST, then you wouldn't need to worry about URL encoding at all.

Your <a href="<%Response.Write(UrlEncode(<hyperlink>))%>">This is my encoded link</a> example above bothers me... why are you passing all the information in an href, and how are you doing this in a standard html page?  Are you using a lot of javascript to construct big query strings to put in hrefs?  
mrwad99Author Commented:
I am passing information in a href because the purpose of the link is to log various information about the user in a database and then redirect the user to the required page.

so a sample query string could be

LoadPage.aspx?Page=index.html&surl=Home page&refT=Hyperlink&whichDB=bmd

surl is a simple description of the page so I do not have to know of by heart which hyperlink leads to which page.  refT is how the user navigates to the page, whether they used a standard hyperlink or used a drop down list of 'quick links', referred to in the query string as 'Drop Down List'.  whichDB refers simply to which site this is hence which database should be used to log all the info.

I originally designed my site purely with HTML, (ie <A href = "index.html>Return Home</a>) but then realised it would be beneficial to be able to track what pages visitors look at etc... for analysis purposes.  Hence I started to learn to achieve this

What I have done in order to use the <a href="<%Response.Write(UrlEncode(<hyperlink>))%>"> form is rename all of my HTML pages to aspx.  This will probably be better in the long run as using brings a whole wealth of further options in page design.
mrwad99Author Commented:
Many thanks for the solution dgabriel !
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Languages and Standards

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.