Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Encode URL

Posted on 2011-09-11
4
Medium Priority
?
860 Views
Last Modified: 2012-05-12
I have a master page and links like this:

<asp:Hyperlink .... NavigateURL = "default.aspx?PageId=9" />

My coworker says we need to encode the URL. I've found these 2 links but still not sure how to do it.

1. http://forums.asp.net/t/1303095.aspx
   This one has Response.Redirect("default.aspx?data=" + HttpUtility.UrlEncode(value));

 but I need to add "pageId=9" to it

2. http://forums.asp.net/t/1530950.aspx
Scroll down, says to encode and decode and redirect in a separate page.

3. http://www.4guysfromrolla.com/articles/083105-1.aspx
That one has a live demo with code to tamper proof a URL.

How can I do encode a URL?
0
Comment
Question by:Camillia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 12

Expert Comment

by:Adam
ID: 36519976
If you mean URL Encoding (removing any illegal characters - & ?, <space> etc) this is only necessary in the actual data.
In your example, you only use the digit '9', which doesn't need encoding - what you have already is fine.

However, you have also posted a link to a page about tamper proof URL's. If you want to mask the fact the number is a page ID, then try using a longer code for the page ID - a GUID would be most secure, but a random sequence of 5 or 6 letters/numbers would make it hard to guess other page id's. However, if users guessing other page id's is ok, but you just want to make sure the id can't be misused, then just some server side validation to make sure the ID is really a number, and then is an actual page id should be enough.
0
 
LVL 7

Author Comment

by:Camillia
ID: 36520056
ah, yeah, i don't want users typing id 8 or id 7 in URL and change the page like that. Yes, having a random sequence of numbers is a better idea. Thanks.
0
 
LVL 7

Author Comment

by:Camillia
ID: 36520071
so it's ok if i display http://whatever.com?pageId=9

i guess it is. For example, for this question, i see this URL
http://www.experts-exchange.com/Programming/Languages/.NET/ASP.NET/Q_27302315.html

so it displays the question id....
0
 
LVL 12

Accepted Solution

by:
Adam earned 2000 total points
ID: 36520218
URL Rewriting is a technique to mask ID's such as the one you are using. It has the additional benefit that it improves SEO.

If you are using IIS6, you need a third party component - See http://www.helicontech.com/isapi_rewrite/
For, IIS7, it is supported natively - see http://www.iis.net/download/urlrewrite for an intro
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
In an ASP.NET application, I faced some technical problems. In this article, I list them out and show the solutions that I found.  I hope it will be useful. Problem: After closing a pop-up window, the parent page should be refreshed automaticall…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question