The Query string is insecure
-
I'm using a querystring to pass values from a page to page. Now the thing is if you copy the URL, close the application, open IE and paste the URL, you get the same page. So, since I believe I'm passing sensitive information I think this is very much insecure. Please help me secure my information. Say if "the crook" pastes the URL, I want my application to prompt them to login first.
ML Lingwati
-
I'm using a querystring to pass values from a page to page. Now the thing is if you copy the URL, close the application, open IE and paste the URL, you get the same page. So, since I believe I'm passing sensitive information I think this is very much insecure. Please help me secure my information. Say if "the crook" pastes the URL, I want my application to prompt them to login first.
ML Lingwati
LucBite wrote:
I want my application to prompt them to login first.
You can use
Sessionover here. On login Page, after authentication, Store the userID in Session. like,Session["UserID"]=userID;
Now, validate the information in every page when you need,
Protected Void Page_Load(Object Sender, EventArgs e)
{
if(Session["UserID"] == null)
{
Response.Redirect("Login.aspx");
}
else
{
// Show information
}
}LucBite wrote:
So, since I believe I'm passing sensitive information I think this is very much insecure.
There is verious way to make it Secure. You can use encrypted Query String, How to Encrypt Query String Parameters in ASP.NET Query string encryption for ASP.NET Hope this will help you :-D
Abhijit Jana | Codeproject MVP Web Site : abhijitjana.net Don't forget to click "Good Answer" on the post(s) that helped you. View My Latest Article