加密URL中的参数 [英] Encrypting Parameters in URLs
问题描述
我有一个如下所示的网址:
http:// localhost:8001 / jasperserver& reportUnit = somereport& username = cghan& password = somepasswrd b
确保这一点的最佳方法是什么?
正如你所看到的,密码是清除的网站,以及其他一些参数。 $ b使用SSL加密,即HTTPS。这使得它可以在互联网上为每个人加密,但它仍然可以在地址栏中阅读。
不建议通过URL发送密码参数,例如。 HTTP POST。您应该将密码作为HTTP POST发送。
I have a URL that looks like this:
http://localhost:8001/jasperserver&reportUnit=somereport&username=cghan&password=somepasswrd
As you can see, the password is in clear site, along with some other parameters.
What's the best way to secure this?
Use SSL encryption, i.e. HTTPS. This makes it encrypted for everyone on the internet but it is still readable on the address bar.
It is not recommended to send password parameters through URL, e.g. HTTP POST. You should send password as HTTP POST.
这篇关于加密URL中的参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
