Request.Querystring removes characters from encrypted text

In my application I take a user's e-mail address, encrypt it, and URLEncode it, and pass it along into a QueryString.

email = Server.UrlEncode(aes.Encrypt(email));

The landing page does a Request.Querystring["email"], UrlDecodes it开发者_如何学Python, and then decrypts it.

    string email            = Server.UrlDecode(Request.QueryString["eId"]);
    string decemail         = aes.Decrypt(email);
    return decemail;

Very strange behavior was happening where a "+" character was being removed and therefore the decryption was failing.

I attempted to remove the UrlDecode, but that didn't solve the problem.

What solved the problem was doing this:

        string email            = Request.QueryString["eId"].ToString();
        string decemail         = aes.Decrypt(email);
        return decemail;

Getting rid of UrlDecode, and calling a ToString() on the querystring.

Does anyone know why this would happen? Does Request.QueryString call urlDecode by default? I don't think it does.

Also, why would doing the .ToString() work in this instance?

---

Yep Correct. Request.QueryString actually returns string that has already been url decoded.

Sources:

http://www.codeproject.com/KB/custom-controls/antiauto.aspx?msg=1475521

http://www.kamath.com/codelibrary/cl006_url.asp