在MVC3中加密和解密查询字符串? [英] Encrypt and decrypt query strings in MVC3?
问题描述
我正在使用MVC3。我有几页不需要身份验证,但这些页面的查询字符串可能会被篡改。这些页面适用于不需要进行身份验证的访客的信息收集表单。我打算在发送给用户时对这些URL进行加密,并在它们点击时对其进行解密,在MVC3中加密和解密查询字符串的最佳方法是什么,还是有其他解决方案适用于这种情况?
给我发一个指针如果有任何模块我可以重复使用...
感谢你的帮助
谢谢
I am using MVC3. I have a couple of pages which do not require authentication but these pages have querystrings which could be tampered. These pages are for info collection forms for guests which do not need to be authenticated. I am planning to encrypt these urls when sending to users and decrypt it back when they hit it, what is the best way to encrypt and decrypt query strings in MVC3 or is there any other solution for such scenario?
Send me a pointer If there is any module that I can reuse...
Appreciate your help
Thanks
推荐答案
如果是我,我只是序列化表单并调用控制器方法用AJAX。如果您发布帖子,查询字符串将不会对用户可见。 AJAX调用成功后,您可以将它们转发到您希望它们的下一页。我已经包含了一些示例代码来使用这种方法。
If it was me I would just serialize the form and call the controller method with AJAX. If you do a post the query string won''t be visible to the user. After the AJAX call is successful you can forward them on to the next page you want them on. I have included some example code to do use this method.
var formInfo =
( #FormName)。serialize ();
("#FormName").serialize();
.ajax({
type: POST ,
url: ControllerMethod,
数据: formInfo,
错误: function (xhr,ajaxOptions,thrownError){
// 处理错误的代码
},
成功:功能(数据) {
// 成功上传后执行任何操作的代码。
}
});
.ajax({ type: "POST", url: "ControllerMethod", data: formInfo, error: function (xhr, ajaxOptions, thrownError) { //Code to handle an error }, success: function (data) { //Code to do what ever you want once successfully uploaded. } });
除此之外,我不确定加密URL的方法。浏览器需要能够解释URL以知道要去哪个页面,所以我不认为这是可能的。但我可能是错的。
您还可以加密单个值,然后以这种方式在URL中传递它们。这需要做很多工作。您需要在服务器上调用一个方法来加密输入的每个值,而不是将加密值存储在某个位置的表单中。我说在服务器上加密的原因是因为客户端代码被下载到计算机上,所以任何人都可以访问它并看看你是如何进行加密的。
希望这有帮助。
Other than that I am not sure of a way to encrypt the URL. The browser needs to be able to interpret the URL to know which page to go to so I don''t think this will be possible. But I could be wrong.
You could also encrypt the individual values then pass them in the URL that way. That would take a lot of work though. You would need to call a method on the server to encrypt each value entered than store the encrypted value in the form some where. The reason I say to encrypt on the server is because client side code is downloaded to the computer so anyone would have access to it and see how you were doing the encryption.
Hope this helps.
这篇关于在MVC3中加密和解密查询字符串?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
