In my django project, I have a url pattern like
(r'^survey/u2=([^/]+)/u3=([^/]+)/$',SurveyView.as_view()).
When I try to open the below url
http://www.sample.com/survey/u2=rc57S4/jyTJBz+==/u3=/U5pKfrV8X1MjUU2tI0AhqTF5PGR8g=/
[where u2 & u3 are encrypted value using internal keys. ]
I'm getting page not found error. This is due to, the sample url is not matching with the original url pattern at server end, as it has '/' backslash character in the url parameter.
Right now,I'm not in a position to edit the sample url by adding encode to the parameters, since this url has been mailed to customer. However if the customer opens the link I should not through error message.
How can I handle this special characters at server end while pattern match for url?.
Instead of passing as arguments in URL pass it as a GET request. seperated by ? and & characters.
Related
I have a search box.
I search for: <- blank spaces in my search box.
My form validation catches this.
The URL shows: ++++++++++++++++
If I search for: <script>alert(1);</script>
The URL shows: <script>alert%281%29%3B<%2Fscript>
The Question
Where in Django can I alter / change / modify the request that determines the request URL? I'm thinking middleware but I haven't found an example. Would I have to create an entirely new HttpRequest from scratch?
Why do I want to?
I want to encode the URL differently. For example, strip all punctuation from the q= value, replace whitespace, strip, replace single spaces with + to have cleaner URLs.
Really looking for a clear example with CODE.
I am trying to call a webservice from Postman client and while doing this I am passing a value which has '#' in it. Example:
test = "43543#324#435"
But when I enter this value and click somewhere else it will remove all characters from first '#' including '#'. So the parameter will become:
test = "43543"
What should I do so that I can pass a parameter with '#' in it?
Note: 'Postman' is a Google Chrome add-in to test Rest webservices.
You should not use # in your URL parameters.
You can find out why in this answer here: Characters allowed in GET parameter
Not use # in URL so use encode of # is %23 and replace #.
for example show in below.
test = "43543%23324%23435"
I got the solution.
As some special characters are not allowed in URL, so we need to encode them. For this, in bulk edit mode for key-value pair, select value which contains special characters and right click. Select 'EncodeURIComponenet' and send request. It will work :)
I'm working on script that would show potentially dangerous HTTP requests, but I don't know how to filter URI in HTTP request correctly. The idea is to look if any URL is contained in GET parameters, but ignore the URLs which are added to GET parameter with specified word (for example - GET parameter with name goto can contain any URL. So if there is starting line of request like this ...
GET /check/request?first=1&second=http://domain.tld/something&third=3 HTTP/1.1
... there must be match. In case we have other request's starting line like ...
GET /check/request?goto=http://domain.tld/something HTTP/1.1
... this one should be ignored.
Base regex which matches any line with URL is:
^(GET|POST).*\?.*\=http\:\/\/.* HTTP\/.*$
I was trying to modify it correctly, but my version only matches lines which contains word goto in URL itself, not as parameter:
^(GET|POST).*\?.*(?!.*goto)\=http\:\/\/.* HTTP\/.*$
Any help would be appreciated.
UPDATE
^(GET|POST).*\?.*(?<!goto)\=http\:\/\/.* HTTP\/.*$
Check here
You probably meant lookbehind to http://.* rather than lookahead to .*:
^(GET|POST).*\?.*(?<!goto)\=http\:\/\/
Please see an example on regex101.
I'm attempting to URL encode a string that contains slashes in Django 1.3 using the optional argument shown in the docs:
{{ someString|urlencode:"" }}
However, the slashes aren't getting URL encoded, they're left intact. So, if someString is "A/V Equipment", I'm getting "A/V%20Equipment". What am I doing wrong?
"/" is already a valid url character and as such will not be encoded to something else. You are not doing anything wrong. I take it you are having issues with some sort of clean url argument that gets confused with the / character? If this is the case, rather pass the string in as a query parameter.
We've got some incoming URLs that needs to be redirected, but we are having trouble with URLs that contains pluses (+).
For example any incoming URL must be redirected to the Homepage of the new site:
/eng/news/2005+01+01.htm
Should be redirected to to the home page of the new site
/en/
Using UrlRewriter.net we've set up a rule which works with 'normal' URLs but does not work for the above
<redirect url="~/eng/(.+)" to="/en/index.aspx" />
However it works fine if i change the incoming URL to
/eng/news/2005-01-01.htm
What's the problem and can anyone help?
I don't know about UrlRewriter.net, and I'm not sure which regex syntax it uses. I give some hint based on Perl regex.
what is the ~ at the beginning? Perhaps you mean ^, i.e. beginning of the string.
(.+) matches any character repeated one or more time; it does not match the + sign as you want
This is one way to write a (Perl) regex matching URLs starting with the string /eng/ and containg a + sign:
^\/eng\/.*\+.*
I hope this helps.