Encrypt/Encode URL

Results 1 to 2 of 2

Thread: Encrypt/Encode URL

  1. #1
    Join Date
    Dec 1969

    Default Encrypt/Encode URL

    How could I encrypt a URL which consists of querystring variables carrying confidential information from one page to another ?<BR><BR>For eg :- http://www.hotmail.com/index.asp?user=sanjay&pwd=abc<BR><BR>Here I do not want the value in the variables &#039;user&#039; and &#039;pwd&#039; to be readable.<BR><BR>Do I also need to decrypt the URL ? If yes then how?<BR><BR>Mukesh

  2. #2
    Join Date
    Dec 1969

    Default RE: Encrypt/Encode URL

    1. don&#039;t use the querystring<BR>2. use POST, and if you&#039;re still worried, use HTTPS (SSL)<BR>3. of course, it&#039;s possible to &#039;encrypt&#039; the querystring, but since the encoding process would need to be done client-side, the algorithm is exposed and therefore insecure.<BR><BR><BR><BR>j<BR>http://rtfm.atrax.co.uk/

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts