I have a webapp created using C# and asp.net. I placed a parameter value in the querystring with a plus(+) sign. But the plus sign disappear.
How can I include the plus sign(+) in the query string without disappearing?
Please advise.
Thanks.
Edit: added code with UrlEncode
string str = Server.UrlEncode(Requery.QueryString["new"]);
Now, if you want a literal + to be present in the query string, you need to specify %2B instead. + sign in the query string is URL-decoded to a space. %2B in the query string is URL-decoded to a + sign.
URLs are encoded as RFC 1738 which specifies %20 . Show activity on this post. According to the W3C (and they are the official source on these things), a space character in the query string (and in the query string only) may be encoded as either " %20 " or " + ".
If you want a plus + symbol in the body you have to encode it as 2B . Literally as %2B ? Yes, %2B is what you want!
The %27 is ASCII for the single quote ( ' ) and that is a red flag for someone trying to perform SQL injection via the query string to your application's data access layer logic.
+
sign has a semantic meaning in the query string. It is used to represent a space. Another character that has semantic importance in the query string is &
which is used to separate the various var=value
pairs in the query string.
Most server side scripts would decode the query parameters before using them, so that a +
gets properly converted to a space. Now, if you want a literal +
to be present in the query string, you need to specify %2B
instead.
+
sign in the query string is URL-decoded to a space. %2B
in the query string is URL-decoded to a + sign.
See the difference between
http://www.google.com/search?q=foo+bar
and
http://www.google.com/search?q=foo%2Bbar
In the above examples, Google's server script is URL-decoding the query parameters and then using them to do the search.
URL-encoding is nothing but %
sign followed by the hex-code of the special character. For example, we know that the hex code of A
is 0x41 (decimal: 65). Try this:
http://www.google.com/search?q=%41
Hope this makes URL-encoding clear.
So, if you want the +
sign to be preserved when a JavaScript is fetching a URL with +
signs in its query parameters and a server side script would process the query parameters after URL-decoding it, you should URL-encode the query parameters in the URL before using issuing the HTTP get request so that all +
signs are converted to %2B
's when the request reaches the server side script. Now when the server side script URL-decodes the query string, all %2B
's gets converted back to +
signs which is what you want.
See Encode URL in JavaScript? to learn how to URL-encode the parameters using JavaScript. Short answer from the discussion there:
var encodedURL = "http://example.com/foo.php?var=" + encodeURIComponent(param);
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With