Using query strings to send Parameters from one Page to next page , giving the visitor of a web application the opportunity of modifying query strings by transmitting them in clear text, is certainly a potential security threat. Thus, I encrypt query strings, even if they do not contain confidential data. However, I am aware that it is still possible to alternate an encrypted query string Using some other math codes.
So, let's get down to the code here is basic encryption
In form code:
<div>
<asp:TextBox ID="txt1" runat="server"></asp:TextBox>
<asp:Button ID="btn1" runat="server" Text="Button" onclick="btn1_Click" />
</div>
In c#:
in Form1.aspx:
string encodedString;//Declare this is in Global
protected void btn1_Click(object sender, EventArgs e)
{
string str = txt1.Text;
encodedString = (Convert.ToBase64String(System.Text.ASCIIEncoding.ASCII.GetBytes(str)));
Response.Redirect("~/laterRQ.aspx?str=" + encodedString);
}
in Form2.aspx:
take one Label in Form2.aspx and Display the text,
<asp:Label ID="lbl" runat="server"></asp:TextBox>
string decodedString;//Declare this is in Global
protected void Page_Load(object sender, EventArgs e)
{
decodedString = System.Text.ASCIIEncoding.ASCII.GetString(Convert.FromBase64String(Request.QueryString["str"]));
lbl1.Text = decodedString;
}
No comments:
Post a Comment