asp.net core 2 optional attribute routing parameter with + in it results in 404

Question

FIX UPDATE

It seems I was not paying enough attention to the actual error which was a 404.11 which means it was not allowing allowDoubleEscaping so I had to add a web.config to my project and set it to following

<?xml version="1.0" encoding="utf-8"?>
 <configuration>
  <system.webServer>
  <security>
    <requestFiltering allowDoubleEscaping="true" />
  </security>
 </system.webServer>
</configuration>

---

I have the following attribute route

[Route("home/coin/{symbol:alpha}/{name:alpha?}")]
public IActionResult Symbol(string symbol, string name)

If I navigate to /home/coin/mysymbol then it works, if I have /home/coin/mysymbol/myname this also works, however if I have /home/coin/mysymbol/myname+moreofname then it results in 404 Not Found , the name parameter that is being passed is URL-encoded so any spaces get changed to +

UPDATE Rest of the controller (code stripped out)

public class HomeController : BaseController
{

    private readonly IViewRenderService _viewRenderService;

    public HomeController(CryptoDateContext context, IConfiguration configuration,
        IViewRenderService viewRenderService, IOptions<GeneralSettings> generalSettings, ILogger<BaseController> logger)
        : base(context, configuration, generalSettings, logger)
    {
        logger.LogDebug("Base controller ctor called");
        _viewRenderService = viewRenderService;

    }

    public IActionResult Sitemap()
    {


    }

    public async Task<IActionResult> SymbolSitemap()
    {

    }




    [ResponseCache(Location = ResponseCacheLocation.None, NoStore = true)]
    public IActionResult GetSearchResults(SearchCriteria criteria)
    {


    }
    public IActionResult Index()
    {

    }

    [HttpPost]
    [ValidateAntiForgeryToken]
    public IActionResult AddEvent(SubmitEventModel model)
    {

    }


    public IActionResult SubmitEvent(int? id)
    {

    }

    public IActionResult DownloadICS(int id)
    {



    }
    [HttpPost]
    [ServiceFilter(typeof(ValidateReCaptchaAttribute))]
    public IActionResult SubmitContactus(ContactUsModel model)
    {

    }

    public IActionResult Contribute()
    {


        return View();
    }
    public IActionResult Telegram()
    {


        return View();
    }
    [Route("home/event/{id:int}/{title?}")]
    public IActionResult Event(int id, string title = null)
    {

    }
    [Route("home/coin/{symbol:alpha}/{name?}")]
    public IActionResult Symbol(string symbol, string name = null)
    {

    }

    public IActionResult Contact()
    {

    }

    public IActionResult Error()
    {
        return View(new ErrorViewModel { RequestId = Activity.Current?.Id ?? HttpContext.TraceIdentifier });
    }
    public IActionResult Exception()
    {
        throw new Exception("Testing");
    }
}

Answer 1

What if you simply replace + and other special characters? Using a function like:

public string ClearnUrl(string title)
        {
            string cleanTitle = title.ToLower().Replace(" ", "-");
            //Removes invalid character like .,-_ etc
            cleanTitle = Regex.Replace(cleanTitle, @"[^a-zA-Z0-9\/_|+ -]", "");
            cleanTitle = cleanTitle.Replace("/", "");
            return cleanTitle;
        }