tags:

views:

48

answers:

2
+2  Q: 

Escape quote in web.config connection string

I have a connection string in my web config:

<add name="MyConString" connectionString="Server=dbsrv;User ID=myDbUser;Password=somepass"word" providerName="System.Data.SqlClient" />

As you see, there is a quotation sign ( " ) in the password (given from other dept. I can't change this db users password).

How do I have to escape the quote in this connection string?

Btw: I already tried & quot; in the string. That didn't work - ado.net got an ArgumenException then: "Format of the initialization string does not conform to specification starting at index 57." 57 is where the & quot; is in my connection string. I also tried enclosing the password part in ' - didn't work either.

Also tried "" and \" - web.config can't be parsed then.

Thanks for the solution:

I had to combine the escaping of the double quote and putting the password in single quotes:

<add name="MyConString" connectionString="Server=dbsrv;User ID=myDbUser;Password='somepass&quot;word'" providerName="System.Data.SqlClient" />
+4  A: 

Use &quot; instead of " to escape it.

web.config is an XML file so you should use XML escaping.

connectionString="Server=dbsrv;User ID=myDbUser;Password=somepass&quot;word"

See this forum thread.

Update:

&quot; should work, but as it doesn't, have you tried some of the other string escape sequences for .NET? \" and ""?

Update 2:

Try single quotes for the connectionString:

connectionString='Server=dbsrv;User ID=myDbUser;Password=somepass"word'

Or:

connectionString='Server=dbsrv;User ID=myDbUser;Password=somepass&quot;word'

Update 3:

From MSDN (SqlConnection.ConnectionString Property):

To include values that contain a semicolon, single-quote character, or double-quote character, the value must be enclosed in double quotation marks. If the value contains both a semicolon and a double-quote character, the value can be enclosed in single quotation marks.

So:

connectionString="Server=dbsrv;User ID=myDbUser;Password='somepass&quot;word'"

The issue is not with web.config, but the format of the connection string. In a connection string, if you have a " in a value (of the key-value pair), you need to enclose the value in '. So, while Password=somepass"word does not work, Password='somepass"word' does.

Oded  2010-07-05 07:53:25
This doesn't work. This obvisously would work, if it was in plain xml, but not within an attribute value.
Sebastian P.R. Gingter  2010-07-05 07:57:46
@Sebastian P.R. Gingter - strange that this does not work. Did you try other escape sequences?
Oded  2010-07-05 08:03:13
Yes. The whole Web.config can't be parsed when using "" and \". is not replaced with " within the string and the query string can't be parsed resulting in the stated error.If it were that easy I wouldn't have asked here ;-)
Sebastian P.R. Gingter  2010-07-05 08:06:32
@Sebastian P.R. Gingter - people here cannot guess at what you have tried and what you know. You need to include such details in your question (as you now have).
Oded  2010-07-05 08:10:40
What encoding does your web.config use?
Matthew Abbott  2010-07-05 08:11:26
@Sebastian P.R. Gingter - see my last update.
Oded  2010-07-05 08:25:31
Great, thanks.Combining enclosing the password-part in single quotes and using instead of the double quote worked out.
Sebastian P.R. Gingter  2010-07-05 09:50:44
A: 

Use &quot; That should work.

spinon  2010-07-05 07:53:59
nope. doesnt work. already tried this before asking here... wouldn't have asked...
Sebastian P.R. Gingter  2010-07-05 07:59:42

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps