Url encode and routing?

Question

I'm using custom routing in a web forms context. I have some titles (part of my custom route) that have say a question mark character. When I URL encode this text ("Question?") and then pass into my route, I get an HTTP ERROR CODE 400. Apparently, the URL encoded text is somehow confusing the routing manager.

Can someone provide context and explanation for this? Beyond that, I'm thinking I don't need to URL encode these route data but merely strip out the problem characters. Are there any security risks to not using URL decode/encode? And what are the problem characters? A list would be useful.

Thanks!

Update: It seems the % character is not allowed in the query string in a custom route. Look forward to some good input on this issue!

Answer 1

Here is what MS says about the UrlEncode() 'URL encoding ensures that all browsers will correctly transmit text in URL strings. Characters such as a question mark (?), ampersand (&), slash mark (/), and spaces might be truncated or corrupted by some browsers. As a result, these characters must be encoded in tags or in query strings where the strings can be re-sent by a browser in a request string.'

Also, you should encode only the query parameters, otherwise the result will cause problems. For example, if you have this link

http://www.contoso.com/articles.aspx?title=ASP.NET+Examples

And you encode the whole, you'll get

http%3a%2f%2fwww.contoso.com%2farticles.aspx%3ftitle%3dASP.NET%2bExamples

For more detail refer to http://msdn.microsoft.com/en-us/library/zttxte6w.aspx

I use ASP.net routing that comes with the version 4.0. Here is sample code http://weblogs.asp.net/scottgu/archive/2009/10/13/url-routing-with-asp-net-4-web-forms-vs-2010-and-net-4-0-series.aspx . You can manipulate quite easy your links.

UPDATE: Microsoft has made some changes to IIS7 that might cause problems with the routing. So try changing the setting "Managed Pipeline Mode" of the Application Pool from Integrated to Classic.