The %27 is ASCII for the single quote ( ' ) and that is a red flag for someone trying to perform SQL injection via the query string to your application's data access layer logic.
In essence this means that the only characters you can reliably use for the actual name parts of a URL are a-z , A-Z , 0-9 , - , . , _ , and ~ . Any other characters need to be Percent encoded.
I am using WCF 4.0 to create a REST-ful web service. What I would like to do is have different service methods called based on query string parameters in the UriTemplate
.
For example, I have an API that allows users to retrieve information about a person using either by their driver's license or their social security number as a key. In my ServiceContract
/ interface I would define two methods:
[OperationContract] [WebGet(UriTemplate = "people?driversLicense={driversLicense}")] string GetPersonByLicense(string driversLicense); [OperationContract] [WebGet(UriTemplate = "people?ssn={ssn}")] string GetPersonBySSN(string ssn);
However, when I call my service with both methods I get the following exception:
UriTemplateTable does not support multiple templates that have equivalent path as template 'people?ssn={ssn}' but have different query strings, where the query strings cannot all be disambiguated via literal values. See the documentation for UriTemplateTable for more detail.
Is there not some way to do this with UriTemplates
? It seems like a common scenario.
Thanks very much!
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With