Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > Why is this url unclickable?

Reply
Thread Tools

Why is this url unclickable?

 
 
Jeff
Guest
Posts: n/a
 
      02-08-2010
Hi

asp.net 3.5

When user signup to my website he gets an email containing a url he needs to
click on so he can verify his identiy. Now I got some problem with this url,
I'm changing it a bit which resulted in url not being clickable
(I changed it because before I sent the username as a parameter, that is not
very good in terms of security)

This url is unclickable
Confirm.aspx?user=S0B7mEuiaYBNZcMWpXGG7g%3d%3d

but Confirm.aspx?user=crapbook
is clickable

In addition I used Server.UrlEncode on the "S0B7mEuiaYBNZcMWpXGG7g%3d%3d"
value, maybe I should have used on the enture url?

what you suggest?


 
Reply With Quote
 
 
 
 
Alexey Smirnov
Guest
Posts: n/a
 
      02-08-2010
On Feb 8, 12:13 pm, "Jeff" <(E-Mail Removed)> wrote:
> Hi
>
> asp.net 3.5
>
> When user signup to my website he gets an email containing a url he needs to
> click on so he can verify his identiy. Now I got some problem with this url,
> I'm changing it a bit which resulted in url not being clickable
> (I changed it because before I sent the username as a parameter, that is not
> very good in terms of security)
>
> This url is unclickable
> Confirm.aspx?user=S0B7mEuiaYBNZcMWpXGG7g%3d%3d
>
> but Confirm.aspx?user=crapbook
> is clickable
>
> In addition I used Server.UrlEncode on the "S0B7mEuiaYBNZcMWpXGG7g%3d%3d"
> value, maybe I should have used on the enture url?
>
> what you suggest?


It's a problem with your email client, I believe. If I paste this url
in Gmail, I see no problem to send such message and click on the link
once received.
 
Reply With Quote
 
 
 
 
Jason Keats
Guest
Posts: n/a
 
      02-08-2010
Jeff wrote:
> Hi
>
> asp.net 3.5
>
> When user signup to my website he gets an email containing a url he needs to
> click on so he can verify his identiy. Now I got some problem with this url,
> I'm changing it a bit which resulted in url not being clickable
> (I changed it because before I sent the username as a parameter, that is not
> very good in terms of security)
>
> This url is unclickable
> Confirm.aspx?user=S0B7mEuiaYBNZcMWpXGG7g%3d%3d
>
> but Confirm.aspx?user=crapbook
> is clickable
>
> In addition I used Server.UrlEncode on the "S0B7mEuiaYBNZcMWpXGG7g%3d%3d"
> value, maybe I should have used on the enture url?
>
> what you suggest?
>
>


Using % is unsafe.

http://www.ietf.org/rfc/rfc1738.txt

I'd use a GUID.
 
Reply With Quote
 
Jeff
Guest
Posts: n/a
 
      02-08-2010
the email client I use is Opera. I was testing using hotmail and used Opera
to view the emails

Considering using GUID instead, I mean use userproviderkey:
link += "?user=" + Server.UrlEncode(user.ProviderUserKey.ToString());



"Alexey Smirnov" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Feb 8, 12:13 pm, "Jeff" <(E-Mail Removed)> wrote:
>> Hi
>>
>> asp.net 3.5
>>
>> When user signup to my website he gets an email containing a url he needs
>> to
>> click on so he can verify his identiy. Now I got some problem with this
>> url,
>> I'm changing it a bit which resulted in url not being clickable
>> (I changed it because before I sent the username as a parameter, that is
>> not
>> very good in terms of security)
>>
>> This url is unclickable
>> Confirm.aspx?user=S0B7mEuiaYBNZcMWpXGG7g%3d%3d
>>
>> but Confirm.aspx?user=crapbook
>> is clickable
>>
>> In addition I used Server.UrlEncode on the "S0B7mEuiaYBNZcMWpXGG7g%3d%3d"
>> value, maybe I should have used on the enture url?
>>
>> what you suggest?

>
> It's a problem with your email client, I believe. If I paste this url
> in Gmail, I see no problem to send such message and click on the link
> once received.



 
Reply With Quote
 
Alexey Smirnov
Guest
Posts: n/a
 
      02-08-2010
On 8 Feb., 15:47, "Jeff" <(E-Mail Removed)> wrote:
> the email client I use is Opera. I was testing using hotmail and used Opera
> to view the emails
>
> Considering using GUID instead, I mean use userproviderkey:
> link += "?user=" + Server.UrlEncode(user.ProviderUserKey.ToString());
>
> "Alexey Smirnov" <(E-Mail Removed)> wrote in message
>
> news:(E-Mail Removed)...
>
>
>
> > On Feb 8, 12:13 pm, "Jeff" <(E-Mail Removed)> wrote:
> >> Hi

>
> >> asp.net 3.5

>
> >> When user signup to my website he gets an email containing a url he needs
> >> to
> >> click on so he can verify his identiy. Now I got some problem with this
> >> url,
> >> I'm changing it a bit which resulted in url not being clickable
> >> (I changed it because before I sent the username as a parameter, that is
> >> not
> >> very good in terms of security)

>
> >> This url is unclickable
> >> Confirm.aspx?user=S0B7mEuiaYBNZcMWpXGG7g%3d%3d

>
> >> but Confirm.aspx?user=crapbook
> >> is clickable

>
> >> In addition I used Server.UrlEncode on the "S0B7mEuiaYBNZcMWpXGG7g%3d%3d"
> >> value, maybe I should have used on the enture url?

>
> >> what you suggest?

>
> > It's a problem with your email client, I believe. If I paste this url
> > in Gmail, I see no problem to send such message and click on the link
> > once received.


So, if you open the email in Hotmail, do you see the link?
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Malformed URL by using Page.Request.Url.ToString() - why? =?Utf-8?B?QXhlbCBEYWhtZW4=?= ASP .Net 3 04-18-2007 06:45 AM
why why why why why Mr. SweatyFinger ASP .Net 4 12-21-2006 01:15 PM
findcontrol("PlaceHolderPrice") why why why why why why why why why why why Mr. SweatyFinger ASP .Net 2 12-02-2006 03:46 PM
URL - substitution of a correct URL by a GUID like URL in favorites. Just D. ASP .Net Mobile 0 08-11-2004 04:26 PM
redirect URL's, return URL's, and URL Parameters Jon paugh ASP .Net 1 07-10-2004 05:29 AM



Advertisments