http://support.microsoft.com/default...b;en-us;301464
Look down at the MyPage.asp example. You will see that Microsoft does this:
'Costruct the URL for the current page
s = "http://"
s = s & Request.ServerV ariables("HTTP_ HOST")
s = s & Request.ServerV ariables("URL")
If Request.QuerySt ring.Count > 0 Then
s = s & "?" & Request.QuerySt ring
End If
'Redirect unauthorised users to the logon page
Response.Redire ct "Logon.asp?from =" & Server.URLEncod e(s)
This code has problems. If the URL contains a parameter which is an image like blondie.jpg then what is sent to the Logon page is NOT the URL that ostensibly was sent to the logon page. Not only does it look different obviously but it IS different.
If the URL accessed (mypage.asp) is like this: http://www.mydomain.com/more.asp?image=blondie.jpg
Then what is sent to the logon page looks like this: http://www.mydomain.com/logon.asp?fr...londie%252Ejpg
This is because the Request.ServerV ariables("URL") does a little bit of encoding It encodes . to %2E and therefore when we pass this into Server.URLEncod e it strips out the % and puts it as %25 and leaves the 2E alone. This then causes an error in JavaScript. Weirdly the image will still display. I don't know why but it does. If you access the image parameter in a <IMG src="<%=Request .QueryString("i mage")%>" ....
This is not good. Is there something like Request.ServerV ariables("URL") that leaves any and all characters alone in the URL so that Server.URLEncod e has something to work on that has not been contaminated; so that I don't have to workaround this issue. Or can someone tell me ALL the characters that Server.Variable s("URL") will escode so that I can fix this? Thanks.
--
George Hester
_______________ _______________ ___ 3  5158 
On Thu, 18 Nov 2004 23:02:07 -0500, "George Hester"
<he********@hot mail.com> wrote: This code has problems. If the URL contains a parameter
which is an image like blondie.jpg then what is sent to the
Logon page is NOT the URL that ostensibly was sent to the
logon page. Not only does it look different obviously but
it IS different.
If the URL accessed (mypage.asp) is like this:
http://www.mydomain.com/more.asp?image=blondie.jpg
Then what is sent to the logon page looks like this:
http://www.mydomain.com/logon.asp?fr...londie%252Ejpg
This is because the Request.ServerV ariables("URL") does a
little bit of encoding It encodes . to %2E and therefore when
we pass this into Server.URLEncod e it strips out the % and puts
it as %25 and leaves the 2E alone. This then causes an error in
JavaScript.
OK, so simply unencode the URL before encoding it again. If your
script can't cope with encoded URLs it's going to break anyway
someday...
I'm not saying this is the best way to do it, but off the top of my
head:
const Hexconvert = "0123456789ABCD EF"
function firsttwoHextoAs cii(strHex)
dim dec
firsttwoHextoAs cii = ""
if len(strHex)>1 then
dec = 16 * instr(1,Hexconv ert,left(strHex ,1),1) + _
instr(1,Hexconv ert,mid(strHex, 2,1),1) - 17
if dec>0 and dec<256 then
firsttwoHextoAs cii = chr(dec)
end if
end if
end function
function URLunencode(str Encoded)
dim unencoded,part
if isnull(strEncod ed) or strEncoded="" then
URLunencode = ""
else
unencoded = split(replace(s trEncoded,"+"," "),"%")
for part = 1 to ubound(unencode d)
unencoded(part) = firsttwoHextoAs cii(unencoded(p art)) & _
mid(unencoded(p art),3)
next
URLunencode = join(unencoded, "")
end if
end function
Thanks MikeT. I think I can integrate this in. Lot of work it seems to me to avoid this Request.ServerV ariables("URL") and Server.URLEncod e combination usage issue. I had put some work into getting images that had + in the name in fact any character that could safely be used in naming files in Windows Explorer.to work. I had it good. Then I noticed this issue came up. I ran into it before in little different way but I was able to work around what VBScript and ASP was doing. But this one I think you have helped better than I had. But I am back to the above issue. If the file is named say
blon %2E+.jpg
Then we are going to catch that in our\(your) function and kill the name of the file. I did have this working and without Replace. Looks like I am back to the drawing board. If only Request.ServerV ariables("URL") did NOT encoding at all I'd be a happy camper. The trouble is when we make a programming language with statements\func tions that do more, than one thing well, we end up with issues such as this. Request.ServerV ariables("URL) should do NOTHING to the URL and leave it up to Server.URLEncod e to take care of encoding issues. IMHO.
--
George Hester
_______________ _______________ ___
"MikeT" <ne**@chthonic. f9.co.uk> wrote in message news:6s******** *************** *********@4ax.c om... On Thu, 18 Nov 2004 23:02:07 -0500, "George Hester"
<he********@hot mail.com> wrote:This code has problems. If the URL contains a parameter
which is an image like blondie.jpg then what is sent to the
Logon page is NOT the URL that ostensibly was sent to the
logon page. Not only does it look different obviously but
it IS different.
If the URL accessed (mypage.asp) is like this:
http://www.mydomain.com/more.asp?image=blondie.jpg
Then what is sent to the logon page looks like this:
http://www.mydomain.com/logon.asp?fr...londie%252Ejpg
This is because the Request.ServerV ariables("URL") does a
little bit of encoding It encodes . to %2E and therefore when
we pass this into Server.URLEncod e it strips out the % and puts
it as %25 and leaves the 2E alone. This then causes an error in
JavaScript.
OK, so simply unencode the URL before encoding it again. If your
script can't cope with encoded URLs it's going to break anyway
someday...
I'm not saying this is the best way to do it, but off the top of my
head:
const Hexconvert = "0123456789ABCD EF"
function firsttwoHextoAs cii(strHex)
dim dec
firsttwoHextoAs cii = ""
if len(strHex)>1 then
dec = 16 * instr(1,Hexconv ert,left(strHex ,1),1) + _
instr(1,Hexconv ert,mid(strHex, 2,1),1) - 17
if dec>0 and dec<256 then
firsttwoHextoAs cii = chr(dec)
end if
end if
end function
function URLunencode(str Encoded)
dim unencoded,part
if isnull(strEncod ed) or strEncoded="" then
URLunencode = ""
else
unencoded = split(replace(s trEncoded,"+"," "),"%")
for part = 1 to ubound(unencode d)
unencoded(part) = firsttwoHextoAs cii(unencoded(p art)) & _
mid(unencoded(p art),3)
next
URLunencode = join(unencoded, "")
end if
end function
Hi again MikeT. I didn't put your construction in the right place when I first tried to use it. What I was doing was encoding as that example showed. But then I used the same method again. It was in the second use of it that Server.URLEncod e was acting on something that already was encoded. I tried just removing the second encoding but I lost all my QueryStrings. Anyway I put your VBScript unencode in and it performed admirably. I just want to thank you again for a very nice piece of code.
--
George Hester
_______________ _______________ ___
"MikeT" <ne**@chthonic. f9.co.uk> wrote in message news:6s******** *************** *********@4ax.c om... On Thu, 18 Nov 2004 23:02:07 -0500, "George Hester"
<he********@hot mail.com> wrote:This code has problems. If the URL contains a parameter
which is an image like blondie.jpg then what is sent to the
Logon page is NOT the URL that ostensibly was sent to the
logon page. Not only does it look different obviously but
it IS different.
If the URL accessed (mypage.asp) is like this:
http://www.mydomain.com/more.asp?image=blondie.jpg
Then what is sent to the logon page looks like this:
http://www.mydomain.com/logon.asp?fr...londie%252Ejpg
This is because the Request.ServerV ariables("URL") does a
little bit of encoding It encodes . to %2E and therefore when
we pass this into Server.URLEncod e it strips out the % and puts
it as %25 and leaves the 2E alone. This then causes an error in
JavaScript.
OK, so simply unencode the URL before encoding it again. If your
script can't cope with encoded URLs it's going to break anyway
someday...
I'm not saying this is the best way to do it, but off the top of my
head:
const Hexconvert = "0123456789ABCD EF"
function firsttwoHextoAs cii(strHex)
dim dec
firsttwoHextoAs cii = ""
if len(strHex)>1 then
dec = 16 * instr(1,Hexconv ert,left(strHex ,1),1) + _
instr(1,Hexconv ert,mid(strHex, 2,1),1) - 17
if dec>0 and dec<256 then
firsttwoHextoAs cii = chr(dec)
end if
end if
end function
function URLunencode(str Encoded)
dim unencoded,part
if isnull(strEncod ed) or strEncoded="" then
URLunencode = ""
else
unencoded = split(replace(s trEncoded,"+"," "),"%")
for part = 1 to ubound(unencode d)
unencoded(part) = firsttwoHextoAs cii(unencoded(p art)) & _
mid(unencoded(p art),3)
next
URLunencode = join(unencoded, "")
end if
end function
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: |-|erc |
last post by:
<?php
// Get the names and values for vars sent by index.lib.php3
if (isset($HTTP_GET_VARS))
{
while(list($name,$value) = each($HTTP_GET_VARS))
{
$$name = $value;
};
};
|
by: Dave Smithz |
last post by:
Hi There,
I have a PHP script that sends an email with attachment and works great when
provided the path to the file to send.
However this file needs to be on the same server as the script.
I want to develop a webpage where people can send attachments that are
stored on their local PC.
|
by: -D- |
last post by:
I have some code that I'm trying to add a CSS pseudoclass style for
formatting purposes. Here is a snippet of the code I'm trying to add the
pseudoclass to:
Dim tmpHTML
tmpHTML=""
tmpHTML = tmpHTML & "<table summary="""" id=""calendar"" cellspacing=""0"">"
& Chr(10)
tmpHTML = tmpHTML & "<caption></caption>" & Chr(10)
tmpHTML = tmpHTML & "<tr id=""title"">" & Chr(10)
|
by: debk |
last post by:
Server.UrlEncode is not longer converting the ampersand in a string to
%26 so the value passed in the querystring gets truncated in the
following page. Is this a problem with IIS, does anyone know? I can't
find this reported anywhere else. I may just have to code around it.
Details:
link is created by the following code:
<a>href="GroupDetails.asp?groupName=<%=Server.URLEncode(objRecordset("Group_Name"))%>">Group
Details</a>
If...
|
by: Tom Petersen |
last post by:
I must have the format of the below line wrong for IE:
click <a href="cal.asp?sdate=<% =strDate1 %>&location=<% =strLocation
%>&eTime=<% =strDate2 %>">here</a> to add this information to your
Calendar<br>
When I hover my mouse over the link, the status bar at the bottom of the
page for IE says: shortcut to 2006 11:00 AM
With Firefox I get: http://sd-school/forms/cal.asp?sdate=10/18/2006 10:00
AM&location=Library&eTime=10/18/2006 11:00...
| | |
by: Andreas Klemt |
last post by:
Hello,
is there a difference between
System.Web.HttpUtility.UrlEncode
and
Server.UrlEncode ?
|
by: mister-Ed |
last post by:
I am displaying subcategories in my datalist, and now I have a
bizarre thing happen when I add a new subcategory record in my sql
database, the new subcategory link does not click into the next page:
Here is the code surrounding my dynamic 'subcategory':
<a href="prov-results1.aspx?county=<
%#Server.UrlEncode(Request.QueryString("county")) & "&subcat=" &
Server.UrlEncode((Eval("SubCategory").ToString())) & "&category=" &...
|
by: Shaikh shahnawaz |
last post by:
Hi,
I have implement multiple file uploading progress bar with the help of flash and .net file is upload on my local machine but not working with server it's give error while uploading image on server. code is as follows.
this is flash object:
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0"
width="550"...
|
by: aRTx |
last post by:
I have try a couple of time but does not work for me
My files everytime are sortet by NAME.
I want to Sort my files by Date-desc.
Can anyone help me to do it?
The Script
<?
/*
ORIGJINALI
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules.
He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms.
Adolph will...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
