Using invoke-webrequest with special chars in URI causes API call to not work correctly

Question

Im doing an script which automates the creation of several things on some firewalls (Sophos XG). This one reads a CSV with 2 column and creates an API call to create IP Host in the firewall with name (first column) and IP (second column). Ideal for massive uploads.

Its works fine, except when some variables have special characters (for example + or &) either in the password variable ($_CONTRASEÑA_API) or the IP's name ($_NOMBRE_IP). If the password or the name doesn't have those chars, it works flawlessly.

Here's the code:

# ---------------------
# Creacion IP Host - XG
# ---------------------
# Versiones
#
# 1.0 - Version original
#
# ---------------------

# Declaracion variables globales
# ------------------------------
$_IP_FIREWALL = "190.80.80.80"
$_PUERTO_FIREWALL = "4444"
$_USUARIO_API = "admin"
$_CONTRASEÑA_API = "SecurePassword+"
$_RUTA_TRABAJO = "c:\Workfolder\IPHostCSV\"
$_NOMBRE_ARCHIVO_CSV = "test.csv"

# Permitir conexiones SSL
# -----------------------
add-type @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy


# Bucle principal
# ---------------
foreach($linea in [System.IO.File]::ReadLines("$_RUTA_TRABAJO$_NOMBRE_ARCHIVO_CSV"))
    {

    # Obtencion Parametros CSV
    # ------------------------
    $_NOMBRE_IP = ($linea -split ',')[0]
    $_DIRECCION_IP =  ($linea -split ',')[1]
    $_MASCARA =  ($linea -split ',')[2]

    # Consulta API
    # ------------
    echo "[INFO] Procesando Host: $($_NOMBRE_IP) IP: $($_DIRECCION_IP)"
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 
    $_URL_API = "https://$($_IP_FIREWALL):$($_PUERTO_FIREWALL)/webconsole/APIController?reqxml=<Request><Login><UserName>$($_USUARIO_API)</UserName><Password>$($_CONTRASEÑA_API)</Password></Login><Set><IPHost><Name>$($_NOMBRE_IP)</Name><IPFamily>IPv4</IPFamily><HostType>IP</HostType><IPAddress>$($_DIRECCION_IP)</IPAddress></IPHost></Set></Request>"
    $_RESULTADO_API = Invoke-WebRequest -Uri "$_URL_API"
    [xml] $_CODIGO_XML = $_RESULTADO_API.Content


    # Revision Resultados
    # -------------------
    if($_CODIGO_XML.Response.IPHost.Status.code -eq 200)
            {
            echo "[ OK ] CODIGO: $($_CODIGO_XML.Response.IPHost.Status.code) - Procesado OK"
            $_NOMBRE_IP | Out-File -Append -Encoding utf8 -FilePath "$($_RUTA_TRABAJO)OK.txt"
            } else {
            echo "[WARN] CODIGO: $($_CODIGO_XML.Response.IPHost.Status.code) - Problema en la ejecuccion $($_CODIGO_XML.Response.IPHost.Status.'#text')"
            $_NOMBRE_IP | Out-File -Append -Encoding utf8 -FilePath "$($_RUTA_TRABAJO)NO_OK.txt"
            }
    }

Basically, these 2 lines

 $_URL_API = "https://$($_IP_FIREWALL):$($_PUERTO_FIREWALL)/webconsole/APIController?reqxml=<Request><Login><UserName>$($_USUARIO_API)</UserName><Password>$($_CONTRASEÑA_API)</Password></Login><Set><IPHost><Name>$($_NOMBRE_IP)</Name><IPFamily>IPv4</IPFamily><HostType>IP</HostType><IPAddress>$($_DIRECCION_IP)</IPAddress></IPHost></Set></Request>"
    $_RESULTADO_API = Invoke-WebRequest -Uri "$_URL_API"
    [xml] $_CODIGO_XML = $_RESULTADO_API.Content

Do the call. Any idea how to avoid the error when specials chars are used either in password or any other place in the URI?

Thanks!

Antonio. (Sorry for the English, not my mother tongue).

Answer 1

User the UrlEncode method of HttpUtility. This will convert special character to their url friendly alternative.

$_URL_API_Encoded = [System.Web.HttpUtility]::UrlEncode($_URL_API)
$_RESULTADO_API = Invoke-WebRequest -Uri "$_URL_API_Encoded"