I have a connection string in my web.config which includes a password with the % character as below
<add name="ConnectionName"
providerName="System.Data.SqlClient"
connectionString="server=ServerName;database=DatabaseName;
uid=UserName;password=abcde%F9abcd;" />
Locally in VS2013 the connection string works fine but when published to the IIS8 web server via VS2013 and Web Deploy, something in that process manipulates the XML and changes the password section of the string to the following
password=abcdeùabcd
So it's turning the %F9
into ù
(unicode conversion).
I have tried encoding the % to 
which doesn't resolve the issue.
Is the problem something I can resolve with either escaping somehow or a configuration setting? Unfortunately I have no control over changing the password itself, it's supplied by a third party.
If you save your connection string in the udl file, the user can change the connection via an interface by simply double clicking that file. You can set your connection string in the app to point to the udl file. You can also launch the udl interface programmatically if you want.
The connection strings are mostly stored in web. config. It means that connection specific information such as database name, username, and password are stored as a clear text in a file. This is definitely a security concern for your Production servers.
A dynamic connection string is a connection string that is resolved at the time the database connection is opened, rather than at the time the connection string is defined. This is useful in SaaS applications where client data is stored in different systems of record located on different servers.
Web. config files may contain sensitive data. To better protect this data and strengthen the security of SharePoint, SharePoint now restricts access to its Web.
At the time of publishing, .NET assumes that you have placed encoded values in the settings and during publish process, it decodes these values which causes the problem. So, the encoded value of your connection string is "abcde%25F9abcd". Use this value in you web.config or place this separately in the settings tab of Publish dialog as I have done in the linked image. This solves the issue.
Hope it works for you.
Publish Website - Settings Tab
You have to follow the standards of XML
According to the specifications of the World Wide Web Consortium (w3C), there are 5 characters that must not appear in their literal form in an XML document, except when used as markup delimiters or within a comment, a processing instruction, or a CDATA section. In all the other cases, these characters must be replaced either using the corresponding entity or the numeric reference according to the following table:
The named character reference ' (the apostrophe, U+0027) was introduced in XML 1.0 but does not appear in HTML. Authors should therefore use ' instead of ' to work as expected in HTML 4 user agents. Please visit - http://www.w3.org/TR/2002/REC-xhtml1-20020801/#C_16
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With