SOLVED!
The answer was something I should have seen right away. It has been years since I had to write HTTP code to pass data between the browser and the server through a URL. But back then I knew that some characters had special meanings.
In the problem I was facing, the system would not log into the webpage. I tried the normal authentication on the WEB CARD, and the TWO URL based examples I provided. All failed.
Then I tried the first Embedded URL, but I encoded the special characters. Let’s say the password was ABC#123%BLUE$
All the special characters have a meaning when in a URL. They need to be encoded to prevent a webserver from trying to act on them as special codes.
When I encoded the special characters the WEB CARD was finally able to log into the site.
The example password would look like this once encoded: ABC%23123%25BLUE%24
The “%23123” are looks like it might get confused. But the escape encoding is in Hex and only uses two digits after the “%” symbol.
The”123” part does not get confused with the escaped character “%23”
Some characters are designated as "reserved" (like $, +, ,, ;, /, ?, :, @, =, &) because they are used for specific purposes. Other characters, including spaces and characters like " , <, >, and #, are considered "unsafe" and must be encoded to prevent misinterpretation.
| Character | URL Escape Codes | String Literal Escape Code |
| SPACE | %20 | $20 |
| < | %3C | $3C |
| > | %3E | $3E |
| # | %23 | $23 |
| % | %25 | $25 |
| + | %2B | $2B |
| { | %7B | $7B |
| } | %7D | $7D |
| | | %7C | $7C |
| \ | %5C | $5C |
| ^ | %5E | $5E |
| ~ | %7E | $7E |
| [ | %5B | $5B |
| ] | %5D | $5D |
| ‘ | %60 | $60 |
| ; | %3B | $3B |
| / | %2F | $2F |
| ? | %3F | $3F |
| : | %3A | $3A |
| @ | %40 | $40 |
| = | %3D | $3D |
| & | %26 | $26 |
| $ | %24 | $24 |
