You need to URL encode it For example, "@" would become "%40"
But take into account that sending user and password through HTTP and/or through GET (parameters in the query string) is not a good idea... Try using POST method under HTTPS.
I will go ahead and add my comment to this answer, for visibility:
Even if it's local network and you are using HTTPS it's unsafe to send the password through GET... Imagine that I'm an admin and someone is behind me (who is not an admin), when I submit the form they can simply go and check the URL and know my password. Not a good idea, right?
It's like using a <input type="text"/>
instead of a <input type="password"/>
for the password.