• Post Reply Bookmark Topic Watch Topic
  • New Topic

Encrypting HTML parameter when using GET  RSS feed

 
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi, would like to hide data or parameter on URL when sending using GET ... I believe the possible way is to encrypt that parameter but not sure how to. Are there any examples somewhere?
 
Rancher
Posts: 42972
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What are you trying to protect against?
 
Songezo Nkukwana
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:What are you trying to protect against?


Well, the user viewing the page ... They mustn't see the passed parameter
 
Sheriff
Posts: 21135
87
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Then you should use POST, not GET.
 
Ulf Dittmer
Rancher
Posts: 42972
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Then you need to encrypt the parameter on the server-side before sending it to the client. And if it's encrypted, then there's no problem with showing it in the URL, because the user can't make sense of it.

A better alternative to round-tripping a value to the client and back would be to store it in a server-side session, though.
 
Songezo Nkukwana
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:Then you need to encrypt the parameter on the server-side before sending it to the client. And if it's encrypted, then there's no problem with showing it in the URL, because the user can't make sense of it.

A better alternative to round-tripping a value to the client and back would be to store it in a server-side session, though.


Thanks, will look at these options
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!