{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 SAY GOODBYE 的问题《How can I stop asp.net encoding & in Get params?》','https://www.manongdao.com/q-838708.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am using the following code to add a series of calls to the body parameter of a page in asp.net:
uxBodyTag.Attributes["onbeforeunload"] +=
"ajaxRequest('UnlockQuery.ashx?QueryID=" + queryId.ToString() +
"&UserID=" + Session["UserID"].ToString() + "');";
This is being rendered as:
<body id="uxBodyTag" onbeforeunload=
"ajaxRequest('UnlockQuery.ashx?QueryID=176&UserID=11648');">
The & means my ashx page is not retrieving the correct variables - how can I stop asp.net from doing this?
EDIT:
Using Server.UrlEncode gives me the following:
<body id="uxBodyTag" onbeforeunload=
"ajaxRequest('UnlockQuery.ashx%3fQueryID%3d179%26UserID%3d11648')%3b">
Which is far worse.
In HTML the ampersand needs to be encoded, always, everywhere, also in attribute values (the contents of the
<script>tag is the notable exception, obviously). ASP.NET does the right thing.Attribute values will be unencoded by the browser before it actually uses them. So your
onbeforeunloadattribute has a literal value of:ajaxRequest('UnlockQuery.ashx?QueryID=176&UserID=11648');while the HTML representation needs to have the
&in place of the&. The browser usually understands the ill-encoded version as well, but an SGML parser would complain about an unknown/invalid entity named&UserID.The behaviour you are seeing with & encoded as & is the behaviour you want. By the time the text gets to your ajaxRequest function it will have been unencoded again and everything should be fine.