Service codes coding problems, quotes and angle brackets

Question

Service codes coding problems, quotes and angle brackets

I have a service stack application. The testing service receives a simple request, but I find that the value of the received request does not match the original request.

I am sending: http://localhost/testapp/test?value=%22test%20data%22%20%3C12345%3E

but code outputs: test data "12345>

Note the missing first double quotation mark and the missing bracket for the corners of the left hand.

Any ideas why the application will discard the first "and" <"? Is this part of any XSS protection?

My code is:

 public class TestService : RestServiceBase<RequestDto>, IRestService<RequestDto> { public override object OnGet(RequestDto request) { return request.Value; } } public class RequestDto { public string Value { get; set; } }

To allow the service stack to first receive requests with "<". I had to switch web.config applications to use: requestValidationMode = "2.0"

+4

urlencode servicestack

Rtype Nov 28 '12 at 10:04

source share

2 answers

You need to wrap the entire value in quotation marks and avoid internal quotes. This is because the querystring parameter expects the JSV ServiceStack format. It means:

Any string with any of the following characters: [] {}, "is escaped using CSV-style escaping, where the value is wrapped in double quotes

See http://www.servicestack.net/docs/text-serializers/json-csv-jsv-serializers for more details.

You need to convey your meaning as

 ?Value="""test data"" <12345>"

or

 ?Value=%22%22%22test%20data%22%22%20%3C12345%3E%22

It will be deserialized in '

 "test data" <12345>

+1

kampsj Jan 08 '13 at 16:44

source share

niltz · Accepted Answer · 2013-05-28T21:36:18+0000

This has also been fixed in an upcoming release of the utility.

See github for more information.

Service codes coding problems, quotes and angle brackets

More articles: