Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 802
  • Last Modified:

HttpUtility.UrlEncoding uppercase response

Hi experts.

I'm creating a oAuth protocol library on ASP.NET MVC and I've found something that surprised me.

In the oAuth authentication dance, you have to send often url encoded strings to a remote server in order to get authorization from users of that server into your app. For obvious security reasons, those strings had to be signed using a hashing algorithm (usually HMAC-SHA1).

Into these strings comes the url-encoded http petition to the target url on the remote server, and here comes the problem. I've checked that HttpUtility.UrlEncode returns the url encoded entities on lowercase. I mean, if your url includes "=", it will be transformed into "%3d".

Usually, this shouldn't be a problem, but, when I sign my encoded url with HMAC-SHA1 the result obviously varies from %3d to %3D, and I've found that several servers (linkedIn for example) expect into the request mades to it's servers that the url encoding had been made with uppercase.

As a result of this, the signed hashed string that I send doesn't match with the one that the server expects (due to characters being on lowercase on source and uppercase on destination) and the authorization dance stops with an error.

I've fixed this with some very unelegant replaces into the string before making the signing, as I can't simply turn all my string into uppercase, but I'm wondering if ASP.NET would provide me a smoother way to turn that url encoded entities to uppercase.

Any suggestions?
Thankyou.
0
Bardobrave
Asked:
Bardobrave
1 Solution
 
karl-henrikCommented:
UrlEncode is the old way of doing it (i think :)  ) I think what you are looking for is System.Uri.EscapeDataString(string);

Hope it works for you
//Karl.
0
 
BardobraveAuthor Commented:
Exactly what I was looking for. Thankyou.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now