SyntaxFix

[asp.net] Escape quote in web.config connection string

I have a connection string in my web config:

<add name="MyConString" connectionString="Server=dbsrv;User ID=myDbUser;Password=somepass"word" providerName="System.Data.SqlClient" />

As you see, there is a quotation sign ( " ) in the password (given from other dept. I can't change this db users password).

How do I have to escape the quote in this connection string?

Btw: I already tried & quot; in the string. That didn't work - ado.net got an ArgumenException then: "Format of the initialization string does not conform to specification starting at index 57." 57 is where the & quot; is in my connection string. I also tried enclosing the password part in ' - didn't work either.

Also tried "" and \" - web.config can't be parsed then.

Thanks for the solution:

I had to combine the escaping of the double quote and putting the password in single quotes:

<add name="MyConString" connectionString="Server=dbsrv;User ID=myDbUser;Password='somepass&quot;word'" providerName="System.Data.SqlClient" />

This question is related to asp.net escaping web-config connection-string

The answer is

Use &quot; That should work.

Odeds answer is almost complete. Just one thing to add.

  1. Escape xml special chars like Emanuele Greco said.
  2. Put the password in single quotes like Oded said
  3. (this one is new) Escape single ticks with another single tick (ref)

having this password="'; this sould be a valid connection string:

connectionString='Server=dbsrv;User ID=myDbUser;Password='&quot;&amp;&amp;;'

if &quot; isn't working then try &#34; instead.

connectionString="Server=dbsrv;User ID=myDbUser;Password=somepass&quot;word"

Since the web.config is XML, you need to escape the five special characters:

&amp; -> & ampersand, U+0026
&lt; -> < left angle bracket, less-than sign, U+003C
&gt; -> > right angle bracket, greater-than sign, U+003E
&quot; -> " quotation mark, U+0022
&apos; -> ' apostrophe, U+0027

+ is not a problem, I suppose.

Duc Filan adds: You should also wrap your password with single quote ':

connectionString="Server=dbsrv;User ID=myDbUser;Password='somepass&quot;word'"

Source: Stackoverflow.com

Examples related to asp.net

RegisterStartupScript from code behind not working when Update Panel is used You must add a reference to assembly 'netstandard, Version=2.0.0.0 No authenticationScheme was specified, and there was no DefaultChallengeScheme found with default authentification and custom authorization How to use log4net in Asp.net core 2.0 Visual Studio 2017 error: Unable to start program, An operation is not legal in the current state How to create roles in ASP.NET Core and assign them to users? How to handle Uncaught (in promise) DOMException: The play() request was interrupted by a call to pause() ASP.NET Core Web API Authentication Could not load file or assembly 'CrystalDecisions.ReportAppServer.CommLayer, Version=13.0.2000.0 WebForms UnobtrusiveValidationMode requires a ScriptResourceMapping for jquery

Examples related to escaping

Uses for the '&quot;' entity in HTML Javascript - How to show escape characters in a string? How to print a single backslash? How to escape special characters of a string with single backslashes Saving utf-8 texts with json.dumps as UTF8, not as \u escape sequence Properly escape a double quote in CSV How to Git stash pop specific stash in 1.8.3? In Java, should I escape a single quotation mark (') in String (double quoted)? How do I escape a single quote ( ' ) in JavaScript? Which characters need to be escaped when using Bash?

Examples related to web-config

No assembly found containing an OwinStartupAttribute Error IIS Config Error - This configuration section cannot be used at this path How to enable GZIP compression in IIS 7.5 how to set start page in webconfig file in asp.net c# Authentication issue when debugging in VS2013 - iis express Forms authentication timeout vs sessionState timeout Specified argument was out of the range of valid values. Parameter name: site Access-control-allow-origin with multiple domains "An exception occurred while processing your request. Additionally, another exception occurred while executing the custom error page..." ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d

Examples related to connection-string

Get ConnectionString from appsettings.json instead of being hardcoded in .NET Core 2.0 App How to read connection string in .NET Core? Connect to SQL Server Database from PowerShell System.Data.SqlClient.SqlException: Login failed for user Entity Framework change connection at runtime A network-related or instance-specific error occurred while establishing a connection to SQL Server How can I set an SQL Server connection string? VB.NET Connection string (Web.Config, App.Config) Connection string using Windows Authentication How to find SQL Server running port?

Tags

Mysql.sock Code-size Clojure Typo3-tca Jquery-ui-slider Sorl-thumbnail Photogrammetry Popup Decimal Sqltransaction Toarray Network-share Lotus-notes Session-replication Png Vsm Base-url Addcallback Worker-processes Chain Wonderware Audio-converter Pointer-to-member Image-manipulation Case-statement Objectbrowser Binary-heap Ctabitem Redefinition Compiler-development Sprof Contextclassloader Query-hints Recoverymodel Jsoup Pyaudio Ora-02291 Cewp Bigdecimal Fftw Load-balancing Pep8-assembly Dotty Absolute-value Crash-reports Database-versioning Debug-information Winhttprequest Rs485 Xelatex Sonatype Variable-initialization Audiorecord Owl Serial-port Input-builders Ondestroy Pvm Message-queue Tridion Backcolor Sharing Application-cache Ruby-1.9 Grackle Command-window Crashrpt Messageui Mouse Ahah Colemak Rbac Text-driver Base-class Enterprise-portal Web-technologies Dbml Monomorphism Csplitterwnd Drupal-commons Boost-date-time Focusin Pic18 Jtextarea Alt-attribute Qlistwidget Net-snmp Pidgin Traceback Google-apps-script Unbuffered-output Lyx Android-listview Advertised-shortcut File-listing Return-value Multitasking Concat-ws Wrap-function Version-numbering