The ParseQueryString method uses UTF8 format to parse the query string In the returned NameValueCollection, URL-encoded characters are decoded and multiple occurrences of the same query string parameter are listed as a single entry with a comma separating each value.
The ParseQueryString method uses query strings that might contain user input, which is a potential security threat. By default, ASP.NET Web pages validate that user input does not include script or HTML elements. For more information, see Script Exploits Overview.
The following code example demonstrates how to use the ParseQueryString method. Multiple occurrences of the same query string variable are consolidated in one entry of the returned NameValueCollection.