问题
I'm having a trouble allowing asterisk (*) in the URL of my website. I am running ASP.NET MVC 2 and .NET 4.0.
Here's an example that describes the problem:
http://mysite.com/profile/view/Nice*
The username is Nice* and ASP.NET says there are illegal characters in the URL:
Illegal characters in path.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.ArgumentException: Illegal characters in path.
I have tried all the Web.config methods I've seen online such as:
<pages validateRequest="false">
and
<httpRuntime requestPathInvalidCharacters="" requestValidationMode="2.0" />
So my question is: Is it possible to allow asterisk in URL? If not, is there some encoding method in .NET that can encode asterisk(*) ?
Thanks!
回答1:
http://www.w3.org/Addressing/URL/4_URI_Recommentations.html
Other reserved characters
The asterisk ("*", ASCII 2A hex) and exclamation mark ("!" , ASCII 21 hex) are reserved for use as having special signifiance within specific schemes.
回答2:
The asterisk (*) is a reserved character with special meaning, so it shouldn't be used incorrectly in URIs. Instead, you should percent encode each username before you insert it into the URI.
Under percent encoding, the asterisk character becomes "%2A".
So the complete, correct URI would be: http://example.com/profile/view/Nice%2A
The percent encoding username should be automatically translated back into the original username string for you.
This will not only allow your URI to validate server-side, but also client-side, when your users copy and paste these addresses into their mail programs.
For example, Stack Overflow automatically hyperlinks the safe, percent encoded URI: http:// example.com/profile/view/Nice%2A
But it doesn't fully hyperlink the unsafe version: http:// example.com/profile/?user=username*
The asterisk is not included in the Stack Overflow link--so your user would have ended up the wrong page.
(Sorry I can't demonstrate this--I'm only allowed to included two links in my post.)
You can save yourself a great deal of trouble by always percent encoding data before you insert it into a URI.
回答3:
My solution was to change it to a query string.
E.g.:
http://mysite.com/profile/?user=username*
That way it seems to work just fine.
I do know that asterisk (*) is a reserved character and thus I shouldn't even allow usernames to have it. But this solves my problem.
来源:https://stackoverflow.com/questions/4567215/allowing-asterisk-in-url