Loading ...

Removing slash "/" in querystring encryption using Rijndael

 /5
0 (0votes)

Sometimes while encrypting data using Rijndael and sending it in URL as query string parameter can lead you to a specific problem:

The webpage cannot be found

The problem occurs when the encrypted string contains one or more "/" (slash), like:

http://www.mysite.com/q=3f4%^ffd#==fdf/ddfd

Here the encrypted string is: 3f4%^ffd#==fdf/ddfd and it contains a "/". This will make the browser search for  folder "ddfd" as it won't take the whole encrypted string as a parameter.

One simple way to avoid such issues is to ALWAYS encode the URL parameters and then decode them on the receiving page. Here is how you can do it:

                string key = sc.Encrypt(user.Email);

                //URL encode the string to avoid "/" issue in URLs
                key = Server.UrlEncode(key);

                string URL = "http://www.mysite.com/q=" + key ;

Then you can decode it as:

                string key = Server.UrlDecode(Request["q"]);

                key = key.Replace(" ", "+"); //bug in encoding so need to replace space with +

Note that if we are using Rijndael encryption then we need to replace empty spaces with the "+" sign else we will get decryption errors.

Using encoding and decoding will shield you from such errors so it is always a good practice to encode URL paramaeters before sending them across.

Comments (no comments yet)

Top Posts