URL with "%" result in WIX internal server error

Hello,

I repeatedly tried to discuss this important topic with WIX support, but their answers were not useful at all - it seemed like support guys didn’t understood the point:

Whenever any of my WIX webpages are called with some parameters, and there’s no Corvid code to “catch” those parameters, user just gets the original page.

So this (please copy+paste, don’t just click):
https://www.psychoterapie-marcek.cz/kontakt?heyyyyyyyyy

results in showing the original page:
https://www.psychoterapie-marcek.cz/kontakt

BUT, whenever the parameters part includes “%” sign, WIX goes into “internal server 500 error” (please copy+paste, don’t just click):
https://www.psychoterapie-marcek.cz/kontakt?heyyyyyyyyy %

  1. Can you confirm this behavior? I can confirm it on my computer, office computer, my wife on her WIX’s website can, be it on mobile or tablet etc.

  2. Is there any Corvid code, which I can put into my header, that will take care of this exception? Or developers of WIX should handle it? As “%” signs are used to show local characters, anytime anyone calls WIX URL with local character in parameter, error 500 follows - that’s a serious problem. Note that I don’t need to parse any parameters - just discard them and show the original page.

I’m not letting this slide, because it seems quite important - just putting “%” on any wix address results into WIX server error 500. Do you know about this? Can you solve it, or can I solve it?

Vladimir, your question does not belong to Wix Corvid, but since you are so persistent, I will help you:
ad 1)
"results in showing the original page:
https://www.psychoterapie-marcek.cz/kontakt "
no, it doesn´t. If you just click the address bar, you will see that the whole URL is still there. This is a feature of every modern browser, to make the URL´s look less imposing
ad 2) the %-thing. Again, no. You state " As “%” signs are used to show local characters, ". No, you are mistaken, this is not what they are used for. The % is a escape-sequence marker, to be followed by a hex value. So a page called “My Page” would be URL-encoded into “My%20Page”, where ASC 32 = hex20.

I´m afraid you have got the concept wrong. Hope this helps, if not, read up on the internet about URL-encodiing and ISO-codes.

Hello Giri, thanks for attending to my request (I’m sorry I misplaced it).

Unfortunately, the issue is not about “what does % mean”, but that using this character in fairly common way leads to WIX server error.

So thank you for making my question more precise, but I’m afraid it’s still an open issue. And if this is not the right place, do you recommend I try to ask one more time on WIX support?

Hi,

The % is a escape-sequence marker, to be followed by a hex value

Giri is right on this one. It is supposed to be used like below:

This:
https:(//)www.careerstork(dot)com/jobs?keyword= digital strategist &country= United States

Becomes this:
https://www.careerstork.com/jobs?keyword=digital%20strategist&country=United%20States

Hello, I am not doubting Giri or you - but even when you follow % by a hex value, it can cause WIX internal server error:

https://www.psychoterapie-marcek.cz/platba-ok?example+%FA
https://www.psychoterapie-marcek.cz/platba-ok?example+%9A

Vladimir, I now do believe you stumbled onto something. When I was capturing packets on port 666 (running 53-bits latest Netscape version on Xinix), I got this:

Base64 warning : SWdub3JhbmNlIGFuZCBhcnJvZ2FuY2UsIHRoaXMgZGVhZGx5IGNvbWJpbmF0aW9u

Might be a zero-day vulnerability you discovered. But in any case, I would strongly suggest going back to Wix regular support and tell them about this discovery. Good luck.