通过URL传递隐藏参数 [英] passing hidden parameter through the URL

问题描述

你好
如何通过ASP.NET和C#中的URL传递隐藏参数 我想传递三个参数，其中两个未被隐藏，其中一个被隐藏
所以网址看起来像
......?p1 = val1&p2 = val2
但实际上包含p3 = val3
感谢all

hello
how can I pass hidden parameter through the URL in ASP.NET and C#
I want to pass three params two of them are not hidden and one of them is hidden
so the URL looks like
...............?p1=val1 &p2=val2
but it actually contains p3=val3
thanks all

推荐答案

查询(GET)参数始终进行urlencode并以明文形式传递，与字段的类型无关. POST参数不会在查询中传递，它们会在请求正文以及COOKIE中进行编码.
您甚至可以通过在发布请求中使用查询参数来组合"它们.
因此，您实际上无法隐藏任何字段，只能将其移至请求正文，因此它不会那么明显，但任何具有http知识的人都可以轻松找到它.

您可以对查询字符串进行加密，但这并不是对流量进行真正的加密，需要更多的知识来破解，但可能会阻止许多人看到传递的值.例如，请参见此示例: http://madskristensen.net/post/HttpModule-for-query- string-encryption.aspx [ ^ ](但还有更多类似的方法...)

Query (GET) parameters are always urlencoded and passed as cleartext, independent of the type of the field. POST parameters are not passed in the query, they are encoded in the request body, as well as the COOKIEs.
You can even "combine" them, by using query parameters in a post request.
So you can not actually hide any field, only move it to the request body, thus it will be not so obvious, but can be easily found by anyone having some http knowledge.

You can encrypt the query string, but that is no real encryption of the traffic, needs a little more knowledge to crack, but can hinder many from seeing the values passed. See this one for example: http://madskristensen.net/post/HttpModule-for-query-string-encryption.aspx[^] (but there are more approaches like this out there...)

出于安全原因，我认为您想隐藏第3个参数.但是，为什么要依赖传递参数呢?您甚至可以在任何隐藏字段中使用 Session/Cache/Cookies/Store，并使用Page.PreviousPage 进行获取.

您可以使用 GET/POST 发送请求，无法混合请求.因此，我建议您使用上面提到的一种方法.

谢谢
-Amit Gajjar

Hi,

I think you want to hide your 3rd parameter for the security reason. But why you depend on passing parameter? you can even use Session/Cache/Cookies/Store in any hidden field and get it using Page.PreviousPage.

You can send request with either GET/POST, mixing of request is not possible. So i suggest you to use one of the method i have mention above.

Thanks
-Amit Gajjar

即使我不了解使用隐藏值的目的，您也可以
使用隐藏的字段和查询字符串可以解决此问题.

Hi,

Even if I do not understand the purpose of using hidden value, you can
use hidden Fields and Query Strings solve the purpose.

<input type="hidden" value="Value That You Need to Store" id="KeyName">

在目标页面中，使用以下代码访问此字段值.

in the target page use the following code to access this field value.

String strValue = Request.Params["KeyName"];

谢谢!!!!!

Thanks!!!!!

这篇关于通过URL传递隐藏参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！