Server.UrlEncode vs. HttpUtility.UrlEncode

by

I had significant headaches with these methods before, I recommend you avoid any variant of UrlEncode, and instead use Uri.EscapeDataString – at least that one has a comprehensible behavior.

Let’s see…

HttpUtility.UrlEncode(" ") == "+" //breaks ASP.NET when used in paths, non-
                                  //standard, undocumented.
Uri.EscapeUriString("a?b=e") == "a?b=e" // makes sense, but rarely what you
                                        // want, since you still need to
                                        // escape special characters yourself

But my personal favorite has got to be HttpUtility.UrlPathEncode – this thing is really incomprehensible. It encodes:

  • ” ” ==> “%20”
  • “100% true” ==> “100%%20true” (ok, your url is broken now)
  • “test A.aspx#anchor B” ==> “test%20A.aspx#anchor%20B
  • “test A.aspx?hmm#anchor B” ==> “test%20A.aspx?hmm#anchor B” (note the difference with the previous escape sequence!)

It also has the lovelily specific MSDN documentation “Encodes the path portion of a URL string for reliable HTTP transmission from the Web server to a client.” – without actually explaining what it does. You are less likely to shoot yourself in the foot with an Uzi…

In short, stick to Uri.EscapeDataString.

More Related Contents:

  1. What is the best way to read/parse the XML files [closed]
  2. Japenese character in a filename changes to garbage if I download file from IE 11
  3. ASP.NET Web Site or ASP.NET Web Application?
  4. MVC3 and Entity Framework
  5. What is the App_Data folder used for in Visual Studio?
  6. Hidden Features of ASP.NET [closed]
  7. Return XML from a controller’s action in as an ActionResult?
  8. How serious is this new ASP.NET security vulnerability and how can I workaround it?
  9. Unable to start debugging on the web server. Could not start ASP.NET debugging VS 2010, II7, Win 7 x64
  10. What perfmon counters are useful for identifying ASP.NET bottlenecks?
  11. How to encode the plus (+) symbol in a URL
  12. Global ASAX – get the server name
  13. I’m lost. What happened to ASP.NET MVC 5?
  14. You must add a reference to assembly ‘netstandard, Version=2.0.0.0
  15. Difference between Html.RenderAction and Html.Action
  16. In ASP.NET, when should I use Session.Clear() rather than Session.Abandon()?
  17. How to deploy ASP.NET MVC 4 application using localDB to local IIS on Windows 7?
  18. Cannot use a leading ../ to exit above the top directory
  19. What’s the difference between ASP.NET 5, .NET Core, and ASP.NET Core 5? [closed]
  20. Web API Queryable – how to apply AutoMapper?
  21. ‘System.Net.Http.HttpContent’ does not contain a definition for ‘ReadAsAsync’ and no extension method
  22. v11.0\WebApplications\Microsoft.WebApplication.targets was not found when file actually references v10
  23. What does the web.config compilation/assemblies element do?
  24. The configuration section ‘system.web.extensions’ cannot be read because it is missing a section declaration
  25. aspnet_compiler finding wrong version of System.Web.WebPages 1.0.0.0 instead of 2.0.0.0
  26. All requests to ASP.NET Web API return 404 error
  27. .NET “code nugget blocks”?
  28. URL encoded colon resolves in 400 Bad Request
  29. How do I make a “generic error” page in my ASP.NET application so that it handles errors triggered when serving that page itself?
  30. URL Routing, Image Handler & “A potentially dangerous Request.Path value”

Leave a Comment