加密查询字符串 [英] encrypting query string
本文介绍了加密查询字符串的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我要通过查询字符串发送一些数据。但由于安全原因,我不希望它被看作是b $ b。有没有办法加密它
后来在读取查询字符串时解密...?
我会对一些示例代码感到非常满意。
I''am sending some data by the querystring. But I don''t want it to be
seen exactly because of security reasons. Is there a way to encrypt it
and later decrypt when reading the querystring...?
I would be very happy with some sample code.
推荐答案
出于安全考虑,使用查询字符串发送任何敏感数据通常是个坏主意,
。 />
您需要使用System.Security.Cyptography类进行加密。你可以做的是什么
使用RC4加密来加密你的字符串,然后将它转换为
到Hex,这样它就可以安全地在查询字符串中传递。
我已经用经典ASP完成了这个,但还没有把它转换成
..net,所以不幸的是我没有代码示例。如果你想看看经典的ASP版本
,请告诉我。
希望这会有所帮助,
Mun
" Onur Bozkurt" < onur.bozkurt @ ofthome.net>?;在消息中写道
新闻:Oz ************** @ TK2MSFTNGP11.phx.gbl ...
It''s generally a bad idea to send any sensitive data using the querystring,
for security purposes.
You''ll need to encrypt using the System.Security.Cyptography classes. What
you can do is use RC4 encryption to encrypt your string, and then convert it
to Hex so it can safely be passed in the querystring.
I''ve done this in classic ASP, but haven''t got round to converting it to
..net yet, so unfortunately I don''t have a code sample. If you''d like to see
the classic ASP version, let me know.
Hope this helps,
Mun
"Onur Bozkurt" <onur.bozkurt@?ofthome.net> wrote in message
news:Oz**************@TK2MSFTNGP11.phx.gbl...
我发送消息查询字符串中的一些数据。但由于安全原因,我不希望它被完全看到。有没有办法对它进行加密
然后在读取查询字符串时解密...?
我会对一些示例代码感到非常满意。
I''am sending some data by the querystring. But I don''t want it to be
seen exactly because of security reasons. Is there a way to encrypt it
and later decrypt when reading the querystring...?
I would be very happy with some sample code.
这种情况的真正问题是他想加密数据和
然后把它放入查询字符串。如果该数据控制页面的功能
,那么它是否加密并不重要。 URL将
仍调用查询字符串参数
指定的页面中的功能,无论用户是否有理解它的能力。
< br $> b $ b -
HTH,
Kevin Spencer
Microsoft MVP
..Net开发人员
http://www.takempis.com
大事由
很多小东西组成。
Munsifali Rashid <门@ ** ** RemoveToReply&vefuk.com GT;在消息中写道
news:uo ************** @ TK2MSFTNGP12.phx.gbl ...
The real problem with this situation is that he wants to encrypt data and
then put it into the Query String. If that data controls the functionality
of the page, it doesn''t matter whether it''s encrypted or not. The URL will
still invoke the functionality in the page that the Query String parameter
specifies, regardless of the user''s ability to understand it.
--
HTH,
Kevin Spencer
Microsoft MVP
..Net Developer
http://www.takempis.com
Big things are made up of
lots of little things.
"Munsifali Rashid" <mun@**RemoveToReply**vefuk.com> wrote in message
news:uo**************@TK2MSFTNGP12.phx.gbl...
一般来说出于安全考虑,使用
查询字符串发送任何敏感数据是一个坏主意。
您需要使用System.Security.Cyptography类进行加密。
您可以做的是使用RC4加密来加密您的字符串,然后将
转换为Hex,以便可以安全地在查询字符串中传递。
我已经完成了这在经典的ASP中,但还没有把它转换为
.net,所以不幸的是我没有代码样本。如果你想看
看经典的ASP版本,请告诉我。
希望这会有所帮助,
Mun
Onur Bozkurt < onur.bozkurt @ ofthome.net>?;在消息中写道
新闻:Oz ************** @ TK2MSFTNGP11.phx.gbl ...
It''s generally a bad idea to send any sensitive data using the querystring, for security purposes.
You''ll need to encrypt using the System.Security.Cyptography classes. What you can do is use RC4 encryption to encrypt your string, and then convert it to Hex so it can safely be passed in the querystring.
I''ve done this in classic ASP, but haven''t got round to converting it to
.net yet, so unfortunately I don''t have a code sample. If you''d like to see the classic ASP version, let me know.
Hope this helps,
Mun
"Onur Bozkurt" <onur.bozkurt@?ofthome.net> wrote in message
news:Oz**************@TK2MSFTNGP11.phx.gbl...
我发送一些数据请求参数。但由于安全原因,我不希望它被完全看到。有没有办法对它进行加密
然后在读取查询字符串时解密...?
我会对一些示例代码感到非常满意。
I''am sending some data by the querystring. But I don''t want it to be
seen exactly because of security reasons. Is there a way to encrypt it
and later decrypt when reading the querystring...?
I would be very happy with some sample code.
由于我的便便,我无法理解你究竟要说什么
english。你的意思是它仍然不安全。?
有没有办法以更安全的方式做到这一点......?
Kevin Spencer写道:
I couldn''t understand what exactly you wan''t to say because of my poo
english. You mean is it still unsecure.?
Is there a way to do this in a more secure way...?
Kevin Spencer wrote:
这种情况的真正问题是他想加密数据然后将其放入查询字符串中。如果该数据控制页面的功能,那么它是否加密并不重要。无论用户是否能够理解它,URL都将仍然调用查询字符串参数指定的页面中的功能。
The real problem with this situation is that he wants to encrypt data and
then put it into the Query String. If that data controls the functionality
of the page, it doesn''t matter whether it''s encrypted or not. The URL will
still invoke the functionality in the page that the Query String parameter
specifies, regardless of the user''s ability to understand it.
这篇关于加密查询字符串的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
