In this example, I am trying to filter for projects that have the field ‘Client’ equals ‘AT&T’. So, I would write the query as,
https://sgsglobal.sharepoint.com/sites/pwa2/_api/ProjectData/Projects/?$filter=Name eq ‘AT&T’
This would yield a result like this:
This is because ‘&’ is a special character that has special meaning when used in a URL Query.
If you are old timer with SQL or have development background, you may know how to handle these. But if you are new to OData like me, you need to know that some of the special characters cannot be used in a URL query, and need to encoded.
So, long story short, you have to encode ‘&’ as ‘%26%’, before using them in your URL Query.
https://sgsglobal.sharepoint.com/sites/pwa2/_api/ProjectData/Projects/?$filter=Name eq ‘AT%26T’
Now you will be be able to get the results, as shown below.
The other special characters, that need to be encoded are as below:
More information could be found at: http://msdn.microsoft.com/en-us/library/aa226544(SQL.80).aspx
February 14, 2015 at 4:17 pm
Great post, thanks for sharing!
August 10, 2017 at 6:32 am
What if i want to send the name with single quote ? Ex: ‘Mike’s’
August 10, 2017 at 4:18 pm
The correct way to escape is to place two single quotes into the string instead one. In example “o”clock” (ref: https://stackoverflow.com/questions/3979367/how-to-escape-a-single-quote-to-be-used-in-an-odata-query)
December 22, 2017 at 9:18 am
My WebAPI 2 controller (OData v4) is not responding to escaped characters. I’m getting the following response:
A potentially dangerous Request.Path value was detected from the client (&).
I’m aware there’s a web.config workaround…
<httpRuntime requestValidationMode=”2.0″ requestPathInvalidCharacters=”*,%,:” />
But this is technically less secure, I believe. Curious about your thoughts.
March 4, 2020 at 8:24 am
You should also encode the single quote ‘, into %27%27 😉