Receiving '+' character in Request.Form

[fergallydon]

I'm sending some data in a HTTP POST to an asp page. The data contains
some + characters. When I try to access the data using
Request.Form("data") I get the data but the + characters are replaced
by spaces.

Any ideas?

 

[Evertjan.]

wrote on 04 jul 2007 in microsoft.public.inetserver.asp.general:

I'm sending some data in a HTTP POST to an asp page. The data contains
some + characters. When I try to access the data using
Request.Form("data") I get the data but the + characters are replaced
by spaces.

Not true!

Try:

=========== test.asp ===========

<% = request.form("t")%>

<form method='post'>
<input name='t' value='a+b+c'>
<input type='submit'>
</form>

================================

 

[Bob Barrows [MVP]]

I'm sending some data in a HTTP POST to an asp page. The data contains
some + characters. When I try to access the data using
Request.Form("data") I get the data but the + characters are replaced
by spaces.

Please post a simple page that reproduces the symptoms you are experiencing.
"+" characters should not be replaced.

 

[fergallydon]

Please post a simple page that reproduces the symptoms you are experiencing.
"+" characters should not be replaced.
--
Microsoft MVP - ASP/ASP.NET
Please reply to the newsgroup. This email account is my spam trap so I
don't check it very often. If you must reply off-line, then remove the
"NO SPAM"

Thanks for you help. I tried that example and I see now that they
should not be replaced. I better explain in more detail what I'm
doing. I'm sending this request from a C++ application as follows.

pIXMLHTTPRequest.CreateInstance("Msxml2.XMLHTTP.3.0");
pIXMLHTTPRequest->open(_bstr_t(L"POST"), bstrurl, false);
pIXMLHTTPRequest->setRequestHeader("Content-Type", "application/x-www-
form-urlencoded");
pIXMLHTTPRequest->send("t=1+2+3");

I'm testing by writing to file on the server

fnameLicense.Write(Request("t"))

The file content is
1 2 3

I have examined what's being sent to the server using an ethernet
sniffer on the server and I can see t=1+2+3 in one of the packets
received. Anyone know what I'm missing?

 

[Anthony Jones]

Thanks for you help. I tried that example and I see now that they
should not be replaced. I better explain in more detail what I'm
doing. I'm sending this request from a C++ application as follows.

pIXMLHTTPRequest.CreateInstance("Msxml2.XMLHTTP.3.0");
pIXMLHTTPRequest->open(_bstr_t(L"POST"), bstrurl, false);
pIXMLHTTPRequest->setRequestHeader("Content-Type", "application/x-www-
form-urlencoded");
pIXMLHTTPRequest->send("t=1+2+3");

I'm testing by writing to file on the server

fnameLicense.Write(Request("t"))

The file content is
1 2 3

I have examined what's being sent to the server using an ethernet
sniffer on the server and I can see t=1+2+3 in one of the packets
received. Anyone know what I'm missing?

The + is using in URL encoding to encode a space.

Use %2B instead of +

"t=1%2B2%2B3"

 

[fergallydon]

The + is using in URL encoding to encode a space.

Use %2B instead of +

"t=1%2B2%2B3"- Hide quoted text -

- Show quoted text -

Thanks. That works for the example but the trouble is that I won't be
sending t=1%2B2%2B3 all the time. That was just an example. I'll be
sending something that is read from a file and I don't know whether or
not it contains any + chars.

I guess I could parse the string before hand and replace all
occurances of + with %2B but is there any other way?

 

[Bob Barrows [MVP]]

The + is using in URL encoding to encode a space.

Use %2B instead of +

"t=1%2B2%2B3"

Anthony,
I'm a little puzzzled here. I see from the reply that your suggestion
worked, but I'm curious as to why URL encoding is relevant with a POST. Is
this a peculiarity of the HTTPRequest object? If so, the OP is going to have
to worry about other characters besides "+", isn't he? He's basically going
to have to url-encode any data that he sends via this object.

I've never had to do this when using HTTPrequest, but then again, I've
always put my data into an xml document to be posted via HTTPRequest.

I wonder if he can avoid the url-encoding step by doing this from his C++
application ...

 

[fergallydon]

Anthony,
I'm a little puzzzled here. I see from the reply that your suggestion
worked, but I'm curious as to why URL encoding is relevant with a POST. Is
this a peculiarity of the HTTPRequest object? If so, the OP is going to have
to worry about other characters besides "+", isn't he? He's basically going
to have to url-encode any data that he sends via this object.

I've never had to do this when using HTTPrequest, but then again, I've
always put my data into an xml document to be posted via HTTPRequest.

I wonder if he can avoid the url-encoding step by doing this from his C++
application ...

This is probably what I should be doing in the first place. Any links
to examples of this in C++?

 

[Bob Barrows [MVP]]

This is probably what I should be doing in the first place. Any links
to examples of this in C++?

Sorry, not from me. You might try searching MSDN or posting to a C++ group.
Just be aware that the ASP page to which you are posting this will also need
to be revised to handle an xml document submission instead of the straight
text submission. I believe I have an example somewhere ... let me do some
searching.

 

[Anthony Jones]

Anthony,
I'm a little puzzzled here. I see from the reply that your suggestion
worked, but I'm curious as to why URL encoding is relevant with a POST.

URL encoding is relevant because the content type of the entity body is
application/x-www-form-urlencoded. Which basically uses the same
"name1=value&name2=value" method to list the field values as it would
appear in the query string, that includes any escaping you would expect in
query string had actually ben part of a URL.

Is this a peculiarity of the HTTPRequest object?

Nope it is the specification for the mime type.

If so, the OP is going to have
to worry about other characters besides "+", isn't he? He's basically going
to have to url-encode any data that he sends via this object.

Yep. I suspect that he could actually get away with just encoding &, % and
+, since other characters typically encoded by url encoding only have
special meaning when actually in a URL.

So personally I'd go with:-

CString value("^&'{}|][+\"<>\\");
value.Replace("%", "%25");
value.Replace("+", "%2B");
value.Replace("&", "%26");

pIXMLHTTPRequest->Send(value.GetString());

Another appoach is to use UrlEscape from the shlwapi.dll. It would need the
URL_ESCAPE_PERCENT flag and then you'd still need to encode the plus signs
since it doesn't do those.

I've never had to do this when using HTTPrequest, but then again, I've
always put my data into an xml document to be posted via HTTPRequest.

You would not have tried to read the XML from Request.Form but would have
read the Request entity in the raw. In the above case it is the Form object
in the Request which is parsing the entity body and doing the unescaping.

I wonder if he can avoid the url-encoding step by doing this from his C++
application ...

The question is does the receiving ASP page need to use Form fields because
it also supports POSTs from HTML forms? If so then we need to continue to
emulate the HTML Form or change how the page containing the form works.

What else is available? Sending the string raw and setting the content type
to "text/plain" is an option but ASP doesn't make retrieving a simple string
from the Request easy. You'd need to use an ADODB stream to take the the
result of BinaryRead and then return the string.

XML is my prefered option (I never use HTML Forms) and it's easy enough to
do in VB/VBScript/Javascript. Bit more of a pain in C++ if you've only got
a couple of fields to send.

Anthony.

 

[Bob Barrows [MVP]]

URL encoding is relevant because the content type of the entity body
is application/x-www-form-urlencoded.

Ah! of course. <mutter>jeez, how'd I miss that ... </mutter>