Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Best way to escape characters before jquery post ASP.NET MVC

Tags:

javascript

model-view-controller

asp.net-mvc

I am semi-new to ASP.NET MVC. I am building an app that is used internally for my company.

The scenario is this: There are two Html.Listbox's. One has all database information, and the other is initally empty. The user would add items from the database listbox to the empty listbox.

Every time the user adds a command, I call a js function that calls an ActionResult "AddCommand" in my EditController. In the controller, the selected items that are added are saved to another database table.

Here is the code (this gets called every time an item is added):

function Add(listbox) { ...
//skipping initializing code for berevity

var url = "/Edit/AddCommand/" + cmd;

$.post(url);

}

So the problem occurs when the 'cmd' is an item that has a '/', ':', '%', '?', etc (some kind of special character)

So what I'm wondering is, what's the best way to escape these characters? Right now I'm checking the database's listbox item's text, and rebuilding the string, then in the Controller, I'm taking that built string and turning it back into its original state.

So for example, if the item they are adding is 'Cats/Dogs', I am posting 'Cats[SLASH]Dogs' to the controller, and in the controller changing it back to 'Cats/Dogs'.

Obviously this is a horrible hack, so I must be missing something. Any help would be greatly appreciated.

like image 653
Darcy Avatar asked Dec 11 '25 07:12

Darcy

2 Answers

Why not just take this out of the URI? You're doing a POST, so put it in the form.

If your action is:

public ActionResult AddCommand(string cmd) { // ...

...then you can do:

var url = "/Edit/AddCommand";
var data = { cmd: cmd };
$.post(url, data);

... and everything will "just work" with no separate encoding step.

like image 76
Craig Stuntz Avatar answered Dec 13 '25 03:12

Craig Stuntz

Have you tried using the 'escape' function, before sending the data? This way, all special characters are encoded in safe characters. On the server-side, you can decode the value.

function Add(listbox) { ...
//skipping initializing code for berevity

var url = "/Edit/AddCommand/" + escape(cmd);

$.post(url);

}
like image 44
Pbirkoff Avatar answered Dec 13 '25 02:12

Pbirkoff
Sign in to Comment

Related questions

Can web worker be killed off by browser silently ? (pdf.js issue)
Aliasing a function object in JavaScript
Could not load file or assembly 'Noesis.Javascript.dll'
error NG6002: Appears in the NgModule.imports of AppModule, but itself has errors

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!