C# HttpWebRequest Post form data with special string

Question

I'm trying to post form data to an external url to retrieve a html response. When I try to post these values with a html form element in an .html file, it works fine. However, when trying to post the same values with C# HttpWebRequest, it doesn't work. The problematic variable is this:

 <input type="hidden" name="id" id="id" value='2015-08-19 13:30:00:::2015-08-19 16:40:00:::Estarder 1:::V:::VAI:::AAA:::460:::02:10:00:::CRJ:::V,Y:::::::::Z8:::Santa Cruz (VVI):::Salta(SLA)'>

That is the hidden field in the html form I'm using. When I send this "id" value as empty or wrong I get an empty string result instead of the expected html.

In C# code, I always get an empty string as response. This is my C# code:

HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create("https://www.anywebsite.com/reser/server/actu_status.php");
            request.Method = "POST";
            request.AllowAutoRedirect = false;
            request.CookieContainer = cookies;
            request.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8";
            request.ContentType = "application/x-www-form-urlencoded";

            string strNew = "&it=" + it + "&tipo_new=1&id=" + inputValue + "&monto=0&mon=";

            var data = Encoding.UTF8.GetBytes(strNew);

            using (var stream = request.GetRequestStream())
            {
                stream.Write(data, 0, data.Length);
            }

            var response = (HttpWebResponse)request.GetResponse();

            var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();

I think encoding of this "inputValue" could be related to this, I tried these 2 ways:

1)  string strNew = "&it=" + it + "&tipo_new=1&id=" + inputValue + "&monto=0&mon=";

2)   string strNew = "&it=" + it + "&tipo_new=1&id=" + HttpUtility.UrlEncode(inputValue) + "&monto=0&mon=";

But none of these worked.

Do you have an idea what could be causing this empty string result? Note that in web browser I also get the empty response when the "id" hidden input field has incorrect data.

Could there be a special encoding to be used there with ":::" characters?

Reviewing both calls (one .html file, another c# code) with Fiddler, the difference seems to be the "()" characters: Html file call:

 3a%3a%3aSanta+Cruz+(VVI)%3a%3a%3aSalta(SLA)&monto=0&mon=

C# request sent:

 3A%3ASanta+Cruz+%28VVI%29%3A%3A%3ASalta%28SLA%29&monto=0&mon=

The encoding is not working for "()" characters? Any idea it could affect?

Comparing the headers :

POST https://www.anysite.com/reserva3/server/actu_estado.php HTTP/1.1
Host: www.anysite.com
Connection: keep-alive
Content-Length: 380
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Accept-Language: es-ES,es;q=0.8,en;q=0.6
Cookie: WebAmaszonas=12a620133f447d1fd126c3bc176eb411; 20011920910-20150729143408-157141320855b91ca0074937-00865209=d433a027559697ffab682c23d799b0a6; 20011920910-20150729145250-68716839655b921024d6852-68684734=236496c8c7338b2f627a8ef232e594ad; 20011920910-20150729145319-101832047555b9211fbac1b4-84013043=462e294432435993d6abd781afedbe83; 20011920910-20150729145353-64952403855b92141797c34-27814538=a53da15223e0aa3738f11287b3e865ba; 20011920910-20150729145413-186346569255b921550c42a1-25690349=761611e26d9a55fd942f9ef096a3f082; 20011920910-20150729151718-96356722455b926bed246b0-24253581=e982ad1989a3d8435c6ae9e5fe19becc; 20011920910-20150729152154-11483789755b927d29a89c7-69865088=d5db38b9fdc3129fb272d2443375cf05; 20011920910-20150729152639-202823217355b928efe950f6-26854157=ca2f211d604ed43e1241d60c6542eb45; 20011920910-20150729152721-101593653455b929195ff4e0-55606804=6fabc92e9a3055fd4ac093cc33279d06; 20011920910-20150729153742-188056231255b92b8686f940-62606835=2e96f159b24b5b530b8985c1633a7534; 20011920910-20150729164914-64775098455b93c4a72d2e1-66426174=c585a55b2be8a312999c204f2591182a; 20011920910-20150729174029-113315944155b9484d134e05-75659750=224ec629dc27eee2287407578698ecff; 20011920910-20150729175035-123576351955b94aabac5d80-96847521=9d49f53a42c274351a9ea08856fec884; 20011920910-20150730110547-80615724155ba3d4b1ddde5-79868945=3e367e93767d39dae60037815ce5dc98; 20011920910-20150730110846-190316769455ba3dfe9ae3b8-00355181=cc2757b9bfd61f8da604057d098365c4; 20011920910-20150730120640-153925119555ba4b905daad6-58863984=fbf9b9189f8eb5c8c699353811206009; 20011920910-20150730155822-106183958655ba81dea52c27-39061829=955ac586630dacfd7958a2c945b517b3; __utma=44289076.1245823098.1438112030.1438271798.1438352283.5; __utmc=44289076; __utmz=44289076.1438271798.4.2.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); 20011920910-20150731101839-161050305155bb83bfc580f6-88478058=f4f290a7c96f10d6a251cc76c863faeb; 20011920910-20150731101913-144151518355bb83e1e874b3-12891534=8cd2dfa83c7bb6a4a8e9e9f26cb1e08e; 20011920910-20150731101951-195196827255bb8407a66238-65768491=9788783fa71200d225307d55585675d3; 20011920910-20150731102004-27173017555bb8414516340-71888646=820389de93795e6c94efabead492d845; 20011920910-20150731102028-97871570555bb842c84a2a0-94655428=2498720cc1ac2ee970c5e7e10952562c; 20011920910-20150731104252-143815792155bb896c959082-24175470=61bd70cec2d70aa254e099f7a718c5ff; 20011920910-20150731105957-195345078055bb8d6d7f2078-02814471=c5c0b192d70d36cd8303267f2bce8925; 20011920910-20150731104252-143815792155bb896c959082-24175470a=f70bc817d6362383b9bc1fa240396fe1; 20011920910-20150731133128-214572938755bbb0f04252a9-82382000=dd4dfbb4a1e3ea0e56e35256308ce08e; 20011920910-20150731152546-201600117255bbcbba049567-54330748=7bae974ce7eb9325188f333fb1812b5f

 it=20011920910-20150731152546-201600117255bbcbba049567-54330748&tipo_new=1&id=11%3A30%3A00%3A%3A%3A16%3A40%3A00%3A%3A%3A2015-08-19+13%3A30%3A00%3A%3A%3A2015-08-19+16%3A40%3A00%3A%3A%3AEscalas+1%3A%3A%3AV%3A%3A%3AVVI%3A%3A%3ASLA%3A%3A%3A460%3A%3A%3A02%3A10%3A00%3A%3A%3ACRJ%3A%3A%3AV%2CY%3A%3A%3A%3A%3A%3A%3A%3A%3AZ8%3A%3A%3ASanta+Cruz+%28VVI%29%3A%3A%3ASalta%28SLA%29&monto=0&mon=

C# call:

 POST https://www.anysite.com/reservar/server/actu_estado.php HTTP/1.1
 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
 Content-Type: application/x-www-form-urlencoded
 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36
 Accept-Encoding: gzip, deflate
 Upgrade-Insecure-Requests: 1
 Cache-Control: max-age=0
 Origin:  
 Accept-Language: es-ES,es;q=0.8,en;q=0.6
 Host: www.anysite.com
 Cookie: 20011920910-20150731161313-197603319955bbd6d90fbb13-41505311=4e901d35a856baef9b00ed3500d89113
 Content-Length: 384
 Connection: Keep-Alive

 it=20011920910-20150731161313-197603319955bbd6d90fbb13-41505311&tipo_new=1&id=13%3a30%3a00%3a%3a%3a16%3a40%3a00%3a%3a%3a2015-08-14+13%3a30%3a00%3a%3a%3a2015-08-14+16%3a40%3a00%3a%3a%3aEscalas+1%3a%3a%3aV%3a%3a%3aVVI%3a%3a%3aSLA%3a%3a%3a460%3a%3a%3a02%3a10%3a00%3a%3a%3aCRJ%3a%3a%3aH%2cV%2cY%3a%3a%3a%3a%3a%3a%3a%3a%3aZ8%3a%3a%3aSanta+Cruz+%28VVI%29%3a%3a%3aSalta%28SLA%29&monto=0&mon=

Answer 1

Wrap all your data with System.Web.HttpUtility.UrlEncode.

string strNew = "&it=" + it + "&tipo_new=1&id=" + inputValue + "&monto=0&mon=";
strNew = System.Web.HttpUtility.UrlEncode(strNew);

Answer 2

Q: The encoding is not working for "()" characters?

The encoding is working just as expected. Encoding.UTF8.GetBytes() is correctly encoding '(' as '%28' and ')' as '%29'`

---

Q: Any idea it could affect?

It should not have any effect. From RFC 1738 ,

"Thus, only alphanumerics, the special characters "$-_.+!*'(),", and reserved characters used for their reserved purposes may be used unencoded within a URL.

On the other hand, characters that are not required to be encoded (including alphanumerics) may be encoded within the scheme-specific part of a URL, as long as they are not being used for a reserved purpose."

---

The client side code you've posted looks fine. I was able to use your code and successfully pass the string to a server. So on the server side if I do the following,

var httpRequest = HttpContext.Current.Request;
string inputString = "2015-08-19 13:30:00:::2015-08-19 16:40:00:::Estarder 1:::V:::VAI:::AAA:::460:::02:10:00:::CRJ:::V,Y:::::::::Z8:::Santa Cruz (VVI):::Salta(SLA)";
if (httpRequest.Form["id"] == inputString)
  return Ok("Good");

Then I get responseString as "Good" (as expected)

Now why your server is not responding correctly is a separate question and I think you'll need to give details of the server side handling of your request.

Also, you are focusing on the inputValue string but are you sure the other parts of that strNew string are not a problem (for instance, what's the it string)?