Menu
I'm a bit new to javascript and I'm having a minor problem:
I'm trying to redirect to a page (which then performs a redirect) in javascript. I'm setting the window.location like so:
window.location = "./RedirectPage.aspx?ReturnUrl=page.aspx?key=val&key2=val2";
Now, on RedirectPage.aspx when it's trying to redirect to the page that I passed in as the ReturnUrl, it is parsing key2=val2 as being another querystring parameter for RedirectPage instead of the ReturnUrl.
It makes sense that it does that, but that's not what I am trying to do... any idea how I might solve this?
488
For example, to encode a URL with an ampersand character, use %26. However, in HTML, use either & or &, both of which would write out the ampersand in the HTML page.
The query component is a string of information to be interpreted by the resource. Within a query component, the characters ";", "/", "?", ":", "@", "&", "=", "+", ",", and "$" are reserved.
The %27 is ASCII for the single quote ( ' ) and that is a red flag for someone trying to perform SQL injection via the query string to your application's data access layer logic.
the escape sequence is *another* ampersand. In the case of backslashes, the escape sequence is *another* backslash.
You want to URL encode the ReturnUrl querystring.
window.location = "./RedirectPage.aspx?ReturnUrl="+encodeURIComponent("page.aspx?key=val&key2=val2");
Try this:
window.location = "./RedirectPage.aspx?"+encodeURIComponent("ReturnUrl=page.aspx?key=val&key2=val2")
You need to escape the ampersand (for use in a query string).
32
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
