How do you UrlEncode without using System.Web?
The answers here are very good, but still insufficient for me.
I wrote a small loop that compares Uri.EscapeUriString
with Uri.EscapeDataString
for all characters from 0 to 255.
NOTE: Both functions have the built-in intelligence that characters above 0x80 are first UTF-8 encoded and then percent encoded.
Here is the result:
******* Different *******
'#' -> Uri "#" Data "%23"
'$' -> Uri "$" Data "%24"
'&' -> Uri "&" Data "%26"
'+' -> Uri "+" Data "%2B"
',' -> Uri "," Data "%2C"
'/' -> Uri "/" Data "%2F"
':' -> Uri ":" Data "%3A"
';' -> Uri ";" Data "%3B"
'=' -> Uri "=" Data "%3D"
'?' -> Uri "?" Data "%3F"
'@' -> Uri "@" Data "%40"
******* Not escaped *******
'!' -> Uri "!" Data "!"
''' -> Uri "'" Data "'"
'(' -> Uri "(" Data "("
')' -> Uri ")" Data ")"
'*' -> Uri "*" Data "*"
'-' -> Uri "-" Data "-"
'.' -> Uri "." Data "."
'_' -> Uri "_" Data "_"
'~' -> Uri "~" Data "~"
'0' -> Uri "0" Data "0"
.....
'9' -> Uri "9" Data "9"
'A' -> Uri "A" Data "A"
......
'Z' -> Uri "Z" Data "Z"
'a' -> Uri "a" Data "a"
.....
'z' -> Uri "z" Data "z"
******* UTF 8 *******
.....
'Ò' -> Uri "%C3%92" Data "%C3%92"
'Ó' -> Uri "%C3%93" Data "%C3%93"
'Ô' -> Uri "%C3%94" Data "%C3%94"
'Õ' -> Uri "%C3%95" Data "%C3%95"
'Ö' -> Uri "%C3%96" Data "%C3%96"
.....
EscapeUriString
is to be used to encode URLs, while EscapeDataString
is to be used to encode for example the content of a Cookie, because Cookie data must not contain the reserved characters '='
and ';'
.
System.Uri.EscapeUriString()
can be problematic with certain characters, for me it was a number / pound '#' sign in the string.
If that is an issue for you, try:
System.Uri.EscapeDataString() //Works excellent with individual values
Here is a SO question answer that explains the difference:
What's the difference between EscapeUriString and EscapeDataString?
and recommends to use Uri.EscapeDataString()
in any aspect.
You can use
Uri.EscapeUriString (see http://msdn.microsoft.com/en-us/library/system.uri.escapeuristring.aspx)
In .Net 4.5+ use WebUtility
Just for formatting I'm submitting this as an answer.
Couldn't find any good examples comparing them so:
string testString = "http://test# space 123/text?var=val&another=two";
Console.WriteLine("UrlEncode: " + System.Web.HttpUtility.UrlEncode(testString));
Console.WriteLine("EscapeUriString: " + Uri.EscapeUriString(testString));
Console.WriteLine("EscapeDataString: " + Uri.EscapeDataString(testString));
Console.WriteLine("EscapeDataReplace: " + Uri.EscapeDataString(testString).Replace("%20", "+"));
Console.WriteLine("HtmlEncode: " + System.Web.HttpUtility.HtmlEncode(testString));
Console.WriteLine("UrlPathEncode: " + System.Web.HttpUtility.UrlPathEncode(testString));
//.Net 4.0+
Console.WriteLine("WebUtility.HtmlEncode: " + WebUtility.HtmlEncode(testString));
//.Net 4.5+
Console.WriteLine("WebUtility.UrlEncode: " + WebUtility.UrlEncode(testString));
Outputs:
UrlEncode: http%3a%2f%2ftest%23+space+123%2ftext%3fvar%3dval%26another%3dtwo
EscapeUriString: http://test#%20space%20123/text?var=val&another=two
EscapeDataString: http%3A%2F%2Ftest%23%20space%20123%2Ftext%3Fvar%3Dval%26another%3Dtwo
EscapeDataReplace: http%3A%2F%2Ftest%23+space+123%2Ftext%3Fvar%3Dval%26another%3Dtwo
HtmlEncode: http://test# space 123/text?var=val&another=two
UrlPathEncode: http://test#%20space%20123/text?var=val&another=two
//.Net 4.0+
WebUtility.HtmlEncode: http://test# space 123/text?var=val&another=two
//.Net 4.5+
WebUtility.UrlEncode: http%3A%2F%2Ftest%23+space+123%2Ftext%3Fvar%3Dval%26another%3Dtwo
In .Net 4.5+ use WebUtility
.UrlEncode
This appears to replicate HttpUtility.UrlEncode
(pre-v4.0) for the more common characters:Uri.EscapeDataString(testString).Replace("%20", "+").Replace("'", "%27").Replace("~", "%7E")
Note: EscapeUriString
will keep a valid uri string, which causes it to use as many plaintext characters as possible.
See this answer for a Table Comparing the various Encodings:
https://stackoverflow.com/a/11236038/555798
Line Breaks
All of them listed here (other than HttpUtility.HtmlEncode
) will convert "\n\r"
into %0a%0d
or %0A%0D
Please feel free to edit this and add new characters to my test string, or leave them in the comments and I'll edit it.