1

PROBLEM: Special characters particularly $ and £ are causing inconsistent behaviour in Web Api - ASP.NET C#. After calling the API the result is sometimes -

RESULT: {"Message":"An error has occurred."}

  • REQUEST FORMAT: url + Message;
  • FULL API CALL: ".........//api/data?Message=Test%20For%20%245700.00%20at%20"
  • MESSAGE: "Test For $5700.00 at "

What I've tried

  1. Using Uri.EscapeDataString(request); to call the API, but the result is still not always 100% successful (50% of times it passes, the remaining 50% of times it comes up with the error message above)
  2. Removing the $ or £ symbol, it passes every time

QUESTION: Is there a way to allow special characters to pass through the API (just as a string)? Is there any way to get just the plain string back, even when a special character is included? Here's some code below that gets the message -

public List<Results> Get(string Message) { //DO SOMETHING WITH THE MESSAGE AS A STRING & RETURN RESULTS }

Also, here's how I'm calling the API -

//CALLING API STEPS string url = ".....//api/data?Message="; string message = "Test For $5700.00 at "; string completeURL = url + Uri.EscapeDataString(message); var client = new WebClient(); var content = client.DownloadString(completeURL);

I've added some additional test results below -

TEST RESULT - PASS

string url = ".....//api/data?Message="; string message = "Test For $5700.00 at "; message = message.Replace("$", "%24");//Adding this line before the URL-encoding fixes the problem string completeURL = url + Uri.EscapeDataString(message); var client = new WebClient(); var content = client.DownloadString(completeURL); //PASS - COMPLETE URL: ".....//api/data?Message=Test%20for%20%25245700.00%20at%20" //RESULT - API CALL SUCCESSFUL

TEST RESULT - FAIL

string url = ".....//api/data?Message="; string message = "Test For $5700.00 at "; string completeURL = url + Uri.EscapeDataString(message); var client = new WebClient(); var content = client.DownloadString(completeURL); //FAIL - COMPLETE URL: ".....//api/data?Message=Test%20for%20%245700.00%20at%20" //RESULT - EXCEPTION -> "The remote server returned an error: (500) Internal Server Error."
Improve this question
8
  • 5
    My guess is that you're not correctly escaping the query parameter. Please show exactly how you're calling the API - you shouldn't just append arbitrary text to a URL; it should be URL-encoded. Commented May 26, 2022 at 10:08
  • Thanks, I've edited the question with the details of how I'm calling the API. I also thought the Uri.EscapeDataString handles all the encoding. Commented May 26, 2022 at 17:20
  • 3
    Yes, I'd expect it to as well, but you previously just said "REQUEST FORMAT: url + Message" which isn't the same thing at all. (You mentioned Uri.EscapeDataString(request), but that's not the same as message... this is why showing the actual code is much more useful.) Now, you say this sometimes causes problems - could you give more details about that? Is it literally inconsistent between calls to the same URI, or does it always fail or always succeed for any given message? Commented May 26, 2022 at 17:24
  • 2
    I suggest you put that information into the question, along with the final URL in each case. Commented May 27, 2022 at 18:57
  • 2
    Dig into your error logs a little deeper. (500) Internal Server Error usually means something went wrong in your code, not in Web API itself. Does your Get method get invoked? What is the value of the Message parameter at that point? I would guess your "DO SOMETHING WITH THE MESSAGE..." code is where the problem lies. Commented May 27, 2022 at 19:54

1 Answer 1

Reset to default
0

Thank you for adding the test results:

//PASS - COMPLETE URL: ".....//api/data?Message=Test%20for%20%25245700.00%20at%20" //RESULT - API CALL SUCCESSFUL //FAIL - COMPLETE URL: ".....//api/data?Message=Test%20for%20%245700.00%20at%20" //RESULT - EXCEPTION -> "The remote server returned an error: (500) Internal Server Error."

It seems clear what's happening:

  • In the "success" case you're passing a percent sign ("%", hex 0x25) and the value "245700.00".
  • In the "failing" case, you're passing a dollar sign (0x24) and the value "5700.00"".
  • Your application (the application, not Web API) is failing when it tries to read the "$".

I suspect the failing case (HTTP error 500) AND the "success" case are BOTH wrong.

I think you meant the value to be "5700.00", not "245700.00".

SUGGESTION:

  • Eliminate the "$" ... or ...
  • Modify your app to expect (and accept) the leading "$" sign.
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Many thanks for the helpful analysis, it steered me to look closer at certain sections of the code (Application & the Web API). I've added a fix to the Web API after digging deeper. Those special characters trigger the bug but for other reasons - not exactly because they are special characters. It really looked like it was due to the special characters but I found an underlying bug in the Web API with an out of bounds array and after fixing that bug now every test passes.
I believe you. Although it's a bit surprising that the SHORTER input string, with the SMALLER numeric value would trigger an out-of-bounds exception, while the LONGER/LARGER value wouldn't. In any case - glad you found the problem. SUGGESTION: Please feel free to "upvote" the response if you found it helpful.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.