asp.net - different result when encoding values from web.config -


i trying form basic authentication header getting username , password web.config when these values web.config, base64 string different ones hard coding values straight code.

this web.config:

 <?xml version="1.0" encoding="utf-8"?>     <appsettings>     <add key="username" value="lowercaseusername"/>     <add key="password" value="mixedcasepassword​"/>     </appsettings>

and code:

var username = configurationmanager.appsettings["username"]; var password = configurationmanager.appsettings["password"]; string encodedvalues = `convert.tobase64string(system.text.encoding.utf8.getbytes(username + ":" + password));`

i "4ocl" @ end of encoded string when them web.config opposed hardcoded directly values in code

your web.config have utf-8 encoding. if copy-pasted password , set web.config encoding iso-8859-1:

<?xml version="1.0" encoding="iso-8859-1"?>

that's when getting value config:

mixedcasepasswordâ\u0080\u008b

this should correspond to

mixedcasepassword​

so there's invisible characters have been incorrectly encoded in web.config.

the web.config file xml file, values need encoded. if set in web.config (keeping encoding @ utf-8):

<add key="password" value="mixedcasepassword&#226;&#8364;&#8249;" />

you should have true if test:

configurationmanager.appsettings["password"] == "mixedcasepassword​"

then base64 should match if password web.config or hard coded.


Comments

Post a Comment

Popular posts from this blog

android - InAppBilling registering BroadcastReceiver in AndroidManifest -

i'm implementing inapp billing in android app. works well, however, i'm trying decouple broadcast receiver activity manifest. suggestion in android's trivialdrive sample: // important: dynamically register broadcast messages updated purchases. // register receiver here instead of <receiver> in manifest // because call getpurchases() @ startup, therefore can ignore // broadcasts sent while app isn't running. // note: registering listener in activity bad idea, done here // because sample. regardless, receiver must registered after // iabhelper setup, before first call getpurchases(). currently there's class extends broadcastreceiver : public class iabbroadcastreceiver extends broadcastreceiver { /** * intent action receiver should filter for. */ public static final string action = "com.android.vending.billing.purchases_updated"; private final iabbroadcastlistener mlistener; public iabbroadcastreceiver(iabbroadcastlistener listener) { m...
Read more

python Tkinter Capturing keyboard events save as one single string -

is possible store keyboard events 1 string? code below stores 1 char , prints it. card reader or bar code reader, contains collection of character/ string not 1 character @ time. goal save char pressed text variable. from tkinter import * root = tk() def key(event): text= event.char text+= event.char print ("pressed", text) def callback(event): frame.focus_set() print ("clicked at", event.x, event.y) frame = frame(root, width=100, height=100) frame.bind("<key>", key) frame.bind("<button-1>", callback) frame.pack() root.mainloop() currently, creating text variable , everytime key() function gets called, , text stores last character typed. you can define text module level variable , , use module level text inside key function - text = '' def key(event): global text text+= event.char print("pressed", text)
Read more

sql server - Why does Linq-to-SQL add unnecessary COUNT()? -

here tables: create table customer ( cid int primary key, name varchar(32) ) create table ord ( oid int primary key, cid int foreign key references customer, address varchar(20) ) here's linq-to-sql statement: var aaa = c in db.customer select new { c, o = c.ord.tolist() }; and here's inexplicable query generated linq-to-sql: select [t0].[cid] [cid], [t0].[name] [name], [t1].[oid] [oid], [t1].[cid] [cid2], [t1].[address] [address], (select count(*) [dbo].[ord] [t2] [t2].[cid] = [t0].[cid]) [value] [dbo].[customer] [t0] left outer join [dbo].[ord] [t1] on [t1].[cid] = [t0].[cid] order [t0].[cid], [t1].[oid] i want understand how rid of count(*) part. it's entirely uncalled for! linq needs count(*) in order determine number of entries returned o = c.ord.tolist() .
Read more