Reputation: 1596
Is there any reason for performing full URL encoding on a POST body
I'm currently working on a C# WinForms application which makes calls to a couple of remote web services. In investigating a bug relating to strings containing ampersands, I came across the following method which 'encodes' POST bodies for the other web service (which doesn't have the ampersand issue, admittedly.)
object o = row.Values[i]; //some object
Type valueType = o.GetType();
if (valueType.Name.Equals("String", StringComparison.InvariantCultureIgnoreCase))
{
o = o.ToString().Replace("&", "%26");
}
I did a bit of WTF at this, but then thought, is there an actual reason for performing full URL encoding on POST bodies? Surely the only two risk points are ampersands and question-marks?
Upvotes: 0
Views: 315
Answers (1)
Reputation: 35869
The question is a bit one-sided. There's only reason to encode POST data is if the other side is expecting it to be encoded. e.g. if the content type of the post data is "x-www-form-urlencoded" then, yes, you need to url encode the data. If the other side doesn't expect it to be urlencoded then don't...
Typically, you don't need to urlencode data going to a web service because you've got flexible end-points. If you've got a web service that is expecting to be called directly from a web page (e.g. through a form post) then urlencoding may be done by the browser directly--in which case the web service needs to accept url-encoded (and thus anything else that wants to communicate with it).
Upvotes: 1
Related Questions
- C# web request with POST encoding question
- Should I URL-encode POST data?
- How do I escape POST body correctly?
- ISO-8859 encode post request content C#
- Do we need to encode urls before fetching them with HttpWebRequest or not
- What's the point of HttpUtility.UrlDecode
- Encoding of a post request
- In ASP.NET, why is there UrlEncode() AND UrlPathEncode()?
- HttpUtility.UrlEncode standard encoding vs specified encoding?
- URL encoded POST bad practice?