Encoding of XHTML and & (ampersand)

I have just tried this. What you attempted to do is correct. In HTML if you are writing a link the & characters should be encoded as &amp; You would only encode the & as %26 if you wanted a parameter value to contain an ampersand. I just wrote a simple HTML page that contained a link: <a href="Default2.aspx?param1=63&amp;param2=hel">Click me</a> and it worked fine: default2.aspx received the parameters intended and the source passed validation.

The encoding of & as &amp; is required in HTML, not in the link. When the browser sees the &amp; in the HTML source for a link it will interpret it as an ampersand and the link target will be as intended. If you paste a URL into your browser address bar it does not expect it to be HTML and does not try to interpret any HTML encoding that it may contain. This is why your example links that you suggest we should copy/paste into a browser don't work and why we wouldn't expect them to work.

If you post a bit more of your actual code we might be able to see what you have done wrong, but you appear to be heading the right direction by using &amp; in your anchor tags.


It was my fault: the hyperlink control already encoded &, so my URL http://foo?x=1&amp;y=2 was encoded to http://foo?x=1&amp;amp;y=2

Normally the &amp inside the URL is correctly handled by browsers, as you stated.


You could use &amp; instead of & in your URL within your page.

That should allow it to be validated as strict XHTML...

<a href="http://www.example.org/page.aspx?x=1&amp;y=2">Foo</a>

Note, if used by an ASP.NET Request.QueryString function, the query string doesn't use XML encoding; it uses URL encoding:

/mypath/mypage?b=%26stuff

So you need to provide a function translating '&' into %26.

Note: in that case, Server.URLEncode(”neetu & geetu”), which would produce neetu+%26+geetu, is not what you want, since you need to translate & into %26, not just '&'. You must add a replace() call applied to URLEncode result, in order to replace '%26amp;' by '%26'.