如何在 C# 中加密/解密 url [英] How to encrypt/decrypt the url in C#
问题描述
我有一个网址 www.site-address/site-page/page1.aspx?username=deepu&password=deepu如何将 URL 更改为www.site-address/site-page/page1.aspx?username=232322323232&password=2323232322323即我想加密我通过 URL 传递的字段,请帮助我使用 .net 加密和解密 C# 中的 URL,现在我正在使用 response.redirect 并将这些值作为查询字符串传递....请帮助....
I have a URL www.site-address/site-page/page1.aspx?username=deepu&password=deepu how can i change the URL to www.site-address/site-page/page1.aspx?username=232322323232&password=2323232322323 ie i want to encrypt the fields i pass through the URL please help me to encrypt and decrypt the URL in C# using .net,now i am using response.redirect and pass these values as query string....pls help....
推荐答案
您的方法有缺陷,加密并不能真正解决根本问题.如果您通过网络"出去,您将很少(不应该)看到您所描述的模式,即使它是加密的.
Your approach is flawed and encrypting will not really help the underlying problem. If you go out across the 'net you will rarely (should never) see a pattern like what you are describing, even if it is encrypted.
相反,您应该尽可能安全地将用户凭据存储在服务器上,并在查询字符串中传递一个唯一的、短暂的会话令牌,您可以使用它来查找凭据.
Instead you should store the user credentials as securely as possible on the server and pass a unique, short-lived session token in the querystring that you can use to look up the credentials.
至于在服务器上安全存储,一旦您第一次收到用户的密码,您应该使用单向散列,例如 SHA256,并加盐.你可以在任何地方传递这个值,存储它,并验证将潜在密码的 has 与你存储的哈希值进行比较.将用户的密码视为有毒废物 - 尽快将其丢弃.您想从事密码存储业务与从事有毒废物存储业务一样严重.
As for storing securely on the server, once you've receive the user's password the first time, you should use a one-way hash, like SHA256, with a salt. You can pass this value wherever, store it, and to validate compare the has of a potential password to the hash you have stored. Treat a user's password like toxic waste - throw it away as quickly as possible. You want to be in the password storing business about as badly as you want to be in the toxic waste storing business.
(从我的 iPhone 上回答,即将提供链接或者如果有人想帮助我!:))
(Answered from my iPhone, links forthcoming or if someone wants to help me out! :))
这篇关于如何在 C# 中加密/解密 url的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
