I am doing some URL redirections in a project that I am currently working on. I am new to web development and was wondering what the best practise was to remove any illegal path characters, such as '-? etc.
I'm hoping I don't have to resort to manually replacing each character with their encoded URLs.
I have tried UrlEncode and HTMLEncode, but UrlEncode doesn't cater for the ? and HTMLEncode doesn't cater for '
E.g. If I was to use the following:
Dim name As String = "Dave's gone, why?"
Dim url As String = String.Format("~/books/{0}/{1}/default.aspx", bookID, name)
Response.Redirect(url)
I've tried wrapping URL like this:
Dim encodedUrl As String = Server.UrlEncode(url)
And
Dim encodedUrl As String = Server.HTMLEncode(url)
The specification for URLs (RFC 1738, Dec. '94) poses a problem, in that it limits the use of allowed characters in URLs to only a limited subset of the US-ASCII character set:
"...Only alphanumerics [0-9a-zA-Z], the special characters "$-_.+!*'()," [not including the quotes - ed], and reserved characters used for their reserved purposes may be used unencoded within a URL."
So I think you need to worry about ?, and on my system
URL Encode; converts: %7e%2fbooks%2f1%2fDave's+gone%2c+why%3f%2fdefault.aspx
Now, are you using any url rewriting into this??