HttpServerUtility.UrlPathEncode vs HttpServerUtility.UrlEncode

by

UrlEncode is useful for query string values (so to the left or especially, right, of each =).

In this url, foo, fooval, bar, and barval should EACH be UrlEncode’d separately:

http://www.example.com/whatever?foo=fooval&bar=barval

UrlEncode encodes everything, such as ?, &, =, and /, accented or other non-ASCII characters, etc, into %-style encoding, except space which it encodes as a +. This is form-style encoding, and is best for something you intend to put in the querystring (or maybe between two slashes in a url) as a parameter without it getting all jiggy with the url’s control characters (like &). Otherwise an unfortunately placed & or = in a user’s form input or db value value could break things.

EDIT: Uri.EscapeDataString is a very close match to UrlEncode, and may be preferable, though I don’t know the exact differences.

UrlPathEncode is useful for the rest of the query string, it affects everything to the left of the ?.

In this url, the entire url (from http to barval) should be run through UrlPathEncode.

http://www.example.com/whatever?foo=fooval&bar=barval

UrlPathEncode does NOT encode ?, &, =, or /. It DOES, however, like UrlEncode, encode accented/non-ASCII characters with % notation, and space also becomes %20. This is useful to make sure the url is valid, since spaces and accented characters are not. It won’t touch your querystring (everything to the right of ?), so you have to encode that with UrlEncode, above.

More Related Contents:

  1. Building a menu similar to stackoverflow [closed]
  2. A potentially dangerous Request.Form value was detected from the client
  3. ASP.NET MVC – Set custom IIdentity or IPrincipal
  4. Returning binary file from controller in ASP.NET Web API
  5. Store pictures as files or in the database like MSSQL for a web app?
  6. How do I get the current location of an iframe?
  7. ‘Operation is not valid due to the current state of the object’ error during postback
  8. How can I implement Ninject or DI on asp.net Web Forms?
  9. How to retrieve form values from HTTPPOST, dictionary or?
  10. IIS Request Timeout on long ASP.NET operation
  11. Why order matters in this RegEx with alternation?
  12. Is there a way to force ASP.NET Web API to return plain text?
  13. HTTPS with Visual Studio’s built-in ASP.NET Development Server
  14. Unmanaged DLLs fail to load on ASP.NET server
  15. Preventing CSRF with the same-site cookie attribute
  16. ASP.NET DateTime Picker
  17. Pagemethods in asp.net
  18. Can I serve .html files using Razor as if they were .cshtml files without changing the extension of all my pages?
  19. how can I share an asp.net session between http and https
  20. Log4net does not write the log in the log file
  21. How to return raw string with ApiController?
  22. Can SignalR be used with asp.net WebForms?
  23. how to bind a dropdownlist in gridview?
  24. OAuth Authorization Service in ASP.NET Core
  25. Using one Asp.net Membership database with multiple applications Single Sign On
  26. How to use Quartz.net with ASP.NET for scheduling jobs to trigger mail?
  27. Exception Logging for WCF Services using ELMAH
  28. What do the TargetFramework settings mean in web.config in ASP .NET MVC?
  29. Asp.Net Check file size before upload
  30. pass a value into next page

Leave a Comment