0

I am writing a GET calculator for my website. This calculator calculates expressions provided in the exp parameter of the URL. I know its against RFC but is there any way I can allow + sign in URL?

One way I found was to provide a documentation to my users where they will replace some special tags to add plus sign like [op:plus]. This is then replaced by + in code behind which a ASP.NET generic handler. But it will be great if there is anything in the RFC that allows + sign. So that I don't have to provide any documentation.

Aishwarya Shiva
  • 3,460
  • 15
  • 58
  • 107

1 Answers1

4

The proper way to encode a + sign in a URL query string parameter is %2B. ASP.NET will automatically decode this as + for you.

If your users use a proper URL encoding library, this encoding will happen automatically:

string equation = "1 + 2 - 3";
Console.WriteLine(HttpUtility.UrlEncode(equation));

Output:

1+%2b+2+-+3

Community
  • 1
  • 1
Heinzi
  • 167,459
  • 57
  • 363
  • 519
  • ok but asp.net is replacing `+` with whitespace in URL. Your string will be like `1 2 - 3`. – Aishwarya Shiva May 15 '15 at 15:14
  • @ErikPhilips how can I use this when getting parameter using `Request["exp"]`? it replaces `+` with whitespace. – Aishwarya Shiva May 15 '15 at 16:27
  • 2
    @AishwaryaShiva: The point is: If the user wants to call your service with the value `1 + 2 - 3`, he should call it like this: `http://example.com/yourService?exp=1+%2b+2+-+3`. Then you get the correct value. If he calls it like this: `http://example.com/yourService?exp=1+2-3`, he violates the RFC (he transmits an encoded space instead of an encoded plus sign). – Heinzi May 15 '15 at 16:34
  • @Heinzi Yeah that is the same problem that I mentioned in the question. User must know `%2B` is plus or my own rule `[op:plus]`. Ok I realized now that we cannot go against RFC. But there must be a rule in RFC which will allow anything enclosed in double quotes. Can you provide me with the RFC link where using directions of `+` sign is written? – Aishwarya Shiva May 15 '15 at 17:03
  • 1
    @AishwaryaShiva: *But there must be a rule in RFC which will allow anything enclosed in double quotes.* Nope. This is not about "allowing", it's about "encoding". That's like saying *"but there must be a rule in morse code that allows me to transmit something else than dots and dashes if I enclose it in double dashes"*. Dots and dashes in morse code are just something different that dots and dashes in English language. Likewise, `+`, `&`, `=` in a URL are something different that the *actual values* `+`, `&`, `=`. ... – Heinzi May 15 '15 at 17:52
  • ...It just happens that, by mere coincidence, `abc` in a URL also means `abc` in data. But that's just it: A coincidence. You (and your users) need to properly encode everything you use in a URL. Just like a morse code user needs to know that `A` equals dot-dash, a URL user must know that `+` equals `%2B`. – Heinzi May 15 '15 at 17:53