Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Why is Request.QueryString readonly?

I thought you couldn't change the QueryString on the server without a redirect.

But this code works* for me:

Request.QueryString edit

I'm so amazed.

So here are my questions regarding this:

  1. Why is Request.QueryString readonly?
  2. Why does this code/hack work*?
  3. How safe is it, if you change to readonly as soon as you are done editing, both regarding bad errors or unexpected behaviour, and regarding maintaining and understanding the code?
  4. Where in the event cycle would it make most sense to do this crazy edit if you are only using PageLoad and OnPageRender?

*More details:

I have a page with items that are grouped into tabs. Each tab is an asp:LinkButton

I want to be able to link directly to a specific tab. I do that with a QueryString parameter 'tab=tabName'. It works. But when I then click a new tab, the querystring is still in the Url, and thus the tab specified in the Querystring gets activated and not the one I clicked.

By using Request.QueryString edit this does not happen. Then my solution 'works'.

Thanks in advance.

like image 951
Skuli Avatar asked Feb 11 '11 11:02

Skuli


People also ask

What is request QueryString ()?

The value of Request. QueryString(parameter) is an array of all of the values of parameter that occur in QUERY_STRING. You can determine the number of values of a parameter by calling Request. QueryString(parameter). Count.

What is Query String what are its advantages and limitations?

A Query String is information sent to the server appended to the end of a page URL which means that Query String is way to transfer information from one page to another through the URL. Query String is attached to the URL with "?". Advantages: 1. Easy to use.


2 Answers

Well the QueryString property is readonly because it cannot be changed on a single request. Obviously the browser sends only one request with only one string so only one collection is created. The hack uses reflection (i.e. manipulates the code and the memory) to change stuff that you cannot change normally. This hack breaks the encapsulation and the design of the QueryString property. You should not use it. It makes no sense from design standpoint. Your query DOES NOT change so why change the object that represents it? Only the browser can send new query string so you are basically lying to your own code about what the browser sent.

If you want the tabs to use the URL just use Hyperlinks instead of LinkButton.

like image 112
Stilgar Avatar answered Sep 28 '22 16:09

Stilgar


From what I remember reading, this is a security standard that all browsers adhere to. It's main purpose is to stop phishing attacks, where someone could have the website www.MyLameWarcraftPhishingSite.com" and when someone hits the page, rewrite the url to look like www.blizzard.com. The only way to get to that url is to actually redirect to it.

mmm, last post was in Feb 11 - hope its ok to post in this.

like image 43
boolean Avatar answered Sep 28 '22 15:09

boolean