tags:

views:

2062

answers:

2
+1  Q: 

UrlEncoding Plus(+) in URL in ASP.Net

I'm encrypting and Base64 a string. Everything works great, until I retrieve the encrypted string from the QueryString collection. The Encrypted text contains a plus symbol. When I retrieve the encrypted string, where a plus once was there is now a space. As you can imagine this doesn't decrypt.

I have tried both Server.HtmlEncode/HtmlDecode and Server.UrlEncode/Server.UrlDecode with no avail. Both methods confuse the plus symbol with the space.

Any idea's?

Here is a similar post: QueryString Malformed

Edit: I found the solution: Server.UrlEncode does work, I was applying Server.UrlDecode and didn't need too.

+1  A: 

I had problems like you few years ago. Here's my code to decode base64 query string to string and vise versa 

 public static String DoDecryption(String Value)
 {
  Decryptor dec = new Decryptor(EncryptionAlgorithm.TripleDes );
  dec.IV = Encoding.ASCII.GetBytes("funky");
  byte [] DecValue =  Convert.FromBase64String(Value.Replace("+++","=="));
  byte [] DecKey   = Encoding.ASCII.GetBytes("0123456789012345");
  byte [] DecipherValue = dec.Decrypt(DecValue,DecKey);
  return Encoding.ASCII.GetString(DecipherValue);
 }

and here is the encryption part

 public static String DoEncryption(String Value)
 {
  Encryptor enc = new Encryptor(EncryptionAlgorithm.TripleDes);
  byte [] EncValue =  Encoding.ASCII.GetBytes(Value);
  byte [] EncKey   = Encoding.ASCII.GetBytes("0123456789012345");
  enc.IV = Encoding.ASCII.GetBytes("funky");
  byte [] CipherValue = enc.Encrypt(EncValue,EncKey);
  //InitVector = Encoding.ASCII.GetString(enc.IV);
  return Convert.ToBase64String(CipherValue).Replace("==","+++");
 }

Note that Value parameter in DoEncryption is the string you want to encrypt into querystring and value parameter in DoDecryption is query string that already convert into base64 string.

Hope thats help

Funky81  2008-12-24 09:24:27
Hope that's help
Funky81  2008-12-24 09:30:47
I added another answer. Be careful with this as "+++" is valid in the middle of an encrypted string.
cisellis  2009-09-03 19:15:14
+4  A: 

Be careful, the method of substituting "+++" for "==" is dangerous because in rare situations, it is possible for an encrypted query string to validly contain "+++". In this case, the decryption fails. For a better solution to the problem, look at using the "modified base64 for url". It involves switching out "-" for "+" and "_" for "/" and has no "==" padding. It seems to be working for us, even in situations where the other failed. Here is the link I used for reference that is working for us.

http://stackoverflow.com/questions/1228701/code-for-decoding-encoding-a-modified-base64-url

cisellis  2009-09-03 19:14:25
Thanks for the follow up.
Chuck Conway  2009-09-04 07:39:10

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps