Disadvantages QueryString approach in ASP.Net

Asp.net, Http, QueryString | 0 comments
QueryString property of Request Object. When surfing internet you should have seen weird internet address such as one below.

http://www.localhost.com/Webform.aspx?name=asp&article=framework

This html addresses use QueryString property to pass values between pages.

Disadvantages of this approach
  • QueryString have a max length, If you have to send a lot information this approach does not work.
  • QueryString is visible in your address part of your browser so you should not use it with sensitive information.
  • QueryString can not be used to send & and space characters.
If you write this code and try them you will see that you have a problems with space and & characters, e.g. if you need to send a variable which contains & such as "Mark & Spencer". There must be a solution for this problem. If you look to Google�s query string you will see that it contains a lot of %20. This is the solution of our third disadvantage. Replace space with %20 and & with %26 for example.

private void btnSubmit_Click(object sender, System.EventArgs e)
{
string p1 = this.txtName.Text.Replace("&","%26");
p1 = this.txtName.Text.Replace(" ","%20");

string p2 = this.txtArticle.Text.Replace("&","%26");
p2 = this.txtArticle.Text.Replace(" ","%20");

string redirectweb= "WebForm.aspx?" + "Name=" + p1 + "&Article=" + p2;
Response.Redirect(redirectweb);
}

Since this is a such a common problem Asp.Net should have some way to solve. There it is Server.UrlEncode. Server.UrlEncode method changes your query strings to so that they will not create problems.


private void btnSubmit_Click(object sender, System.EventArgs e)
{
Response.Redirect("WebForm.Aspx?" +
"Name=" + Server.UrlEncode(this.txtName.Text) +
"&Article=" + Server.UrlEncode(this.txtArticle.Text));
}
Tags: , ,
Hot on Web:


About author

Newer Post Older Post Home