I am using the following code to add a series of calls to the body parameter of a page in asp.net:
uxBodyTag.Attributes["onbeforeunload"] +=
"ajaxRequest('UnlockQuery.ashx?QueryID=" + queryId.ToString() +
"&UserID=" + Session["UserID"].ToString() + "');";
This is being rendered as:
<body id="uxBodyTag" onbeforeunload=
"ajaxRequest('UnlockQuery.ashx?QueryID=176&UserID=11648');">
The & means my ashx page is not retrieving the correct variables - how can I stop asp.net from doing this?
EDIT:
Using Server.UrlEncode gives me the following:
<body id="uxBodyTag" onbeforeunload=
"ajaxRequest('UnlockQuery.ashx%3fQueryID%3d179%26UserID%3d11648')%3b">
Which is far worse.
-
The behaviour you are seeing with & encoded as & is the behaviour you want. By the time the text gets to your ajaxRequest function it will have been unencoded again and everything should be fine.
ck : I'll check that - it seems I may have another issue at the moment, and this was the most obvious likely causeandynormancx : A simple test is just to replace ajaxRequest with alert, you'll then see that your URL and query string is intact. -
In HTML the ampersand needs to be encoded, always, everywhere, also in attribute values (the contents of the
<script>tag is the notable exception, obviously). ASP.NET does the right thing.Attribute values will be unencoded by the browser before it actually uses them. So your
onbeforeunloadattribute has a literal value of:ajaxRequest('UnlockQuery.ashx?QueryID=176&UserID=11648');while the HTML representation needs to have the
&in place of the&. The browser usually understands the ill-encoded version as well, but an SGML parser would complain about an unknown/invalid entity named&UserID.
0 comments:
Post a Comment