Hied Query String

  • Thread starter Thread starter Hemant
  • Start date Start date
H

Hemant

Hi,
I am woring on a web application in vb.net 2005
I want to hide my querystring. I don't want to store ID in session or cache
or cookes.
I have to do this with query string.so I want to hide this.
How can i do this ?
Please help me.
Thanks,
Hemant
 
Hemant said:
Hi,
I am woring on a web application in vb.net 2005
I want to hide my querystring. I don't want to store ID in session or
cache or cookes.
I have to do this with query string.so I want to hide this.
How can i do this ?
Please help me.
Thanks,
Hemant



Try this (used to hide a file path, but adaptable for a query string):

Encrypting
-----------
In the vb code:
Public SessID As String= Session.SessionID
Public Mycoder As New Encryption64

In the source: (FileName and FIleFullPath come from a database)
NavigateUrl='<%# "TargetPage.aspx/" + eval("FileName").replace(".","_") +
"?path=" + mycoder.encrypt((Eval("FileFullPath")),sessid) %>'
Target="_blank"

Decrypting
-----------
Dim Mycoder As New Encryption64
Dim SessID As String = Session.SessionID
Dim Query As NameValueCollection = Request.QueryString
Mycoder.Decrypt(Query("path").Replace(" ", "+"), SessID)

Class Encryption64:
Imports System
Imports System.IO
Imports System.Xml
Imports System.Text
Imports System.Security.Cryptography
Public Class Encryption64
'Copied from Technet, private key changed
Private key() As Byte = {}
Private IV() As Byte = {&H15, &H66, &H75, &H39, &H92, &HCF, &HCB, &HDF}

Public Function Decrypt(ByVal stringToDecrypt As String, ByVal
sEncryptionKey As String) As String
Dim inputByteArray(stringToDecrypt.Length) As Byte
Try
key = System.Text.Encoding.UTF8.GetBytes(Left(sEncryptionKey, 8))
Dim des As New DESCryptoServiceProvider()
inputByteArray = Convert.FromBase64String(stringToDecrypt)
Dim ms As New MemoryStream()
Dim cs As New CryptoStream(ms, des.CreateDecryptor(key, IV),
CryptoStreamMode.Write)
cs.Write(inputByteArray, 0, inputByteArray.Length)
cs.FlushFinalBlock()
Dim encoding As System.Text.Encoding = System.Text.Encoding.UTF8
Return encoding.GetString(ms.ToArray())
Catch e As Exception
Return e.Message
End Try
End Function

Public Function Encrypt(ByVal stringToEncrypt As String, ByVal
SEncryptionKey As String) As String
Try
key = System.Text.Encoding.UTF8.GetBytes(Left(SEncryptionKey, 8))
Dim des As New DESCryptoServiceProvider()
Dim inputByteArray() As Byte = Encoding.UTF8.GetBytes( stringToEncrypt)
Dim ms As New MemoryStream()
Dim cs As New CryptoStream(ms, des.CreateEncryptor(key, IV),
CryptoStreamMode.Write)
cs.Write(inputByteArray, 0, inputByteArray.Length)
cs.FlushFinalBlock()
Return Convert.ToBase64String(ms.ToArray())
Catch e As Exception
Return e.Message
End Try
End Function
End Class
 
Hello Hemant

You can hide querystrings only when using frames ( but in current ASP.Net
architecture this is not encouraged )
you could post the values to the other page but this will give you the
famous viewstatemac errors ( wich is possible to overcome but with the price
of degraded security )

But there is another way to do exactly what you want that doesn`t use
session , cache or cookies , and it is the Context object
the context is server side and only alive for the current server transfer .

so you could simply use anny event on your page fill the context object with
the required values perform a server side navigation ( server.transfer )
and get the values out of the context object , there is only one drawback
or advantage just how you look at it , the client isn`t aware of the server
side transfer and still shows the original url

personally i combine this technique with hidden fields to store my
information , when an event takes place that should bring me to anaother
page and i need the values i simply get them out of the hiddenfield store
them in a context object perform a transfer and get them out of the context
, as soon as the current request is out of scope the context object is
emptied this in contradiction to the session wich will hold a copy of the
values as long as the session is alive.

HTH

Michel Posseth
 
Back
Top