Solved

Can I use sendRedirect() and hide parameters?

Posted on 2001-09-18
12
436 Views
Last Modified: 2007-12-19
I need to forward users to another domain say, "http://www.thenewdomain.com" and there are some required parameters that need sending say, "login="joe".

I know that I can create one full string "http://www.thenewdomain.com?login=joe" and use sendRedirect() but when I do that the parameters show up in the URL Address line of the browser.  I need to hide those parameters similar to the HTML GET.

Does anyone know of a way to do that??

Thanks!
0
Comment
Question by:pzila
  • 4
  • 2
  • 2
  • +3
12 Comments
 
LVL 15

Expert Comment

by:a.marsh
Comment Utility
You mean similar to HTTP POST, not GET.

It can't be done using sendRedirect. You actually need to build the POST request within the servlet.

I'm afraid I don't have any example code.......I'll see what I can find.

:o)

Ant
0
 
LVL 19

Expert Comment

by:cheekycj
Comment Utility
Unfortunately with Servlets you cannot add GET or Post Parameters.

You can add attributes (java objects, strings, etc) to the request object.

Then you can forward the request to a JSP that will have access to all the attributes you attached to the request object.

The only way I have seen adding of Parameters (like FORM GET/POST) is when you do JSP include of a file and pass parameters via the Jsp:param tag.

CJ
0
 
LVL 6

Expert Comment

by:holli
Comment Utility
encrypt the parameter, then it can be seen but not understood or correctly changed.
0
 

Expert Comment

by:beegled
Comment Utility
holli,

I have a question.  If you pass the login and password like http://login:password@www.website.com/, is there a way to encrypt that login and password and still have it work?

David
0
 
LVL 6

Expert Comment

by:holli
Comment Utility
once you do not have a https - connection all text will be transferred unencrypted in clear text.
to be sure, use a https for the login.
0
 
LVL 19

Expert Comment

by:cheekycj
Comment Utility
You can use Encryption methods just for Login and Password.. but passing them via the URL is still not a good approach.  For maximum security rely on FORM posts over SSL.

CJ
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Expert Comment

by:beegled
Comment Utility
Unfortunately, in this specific case, I can only use http and have to add it to the url.  Oh well, not a biggie, thank you.
0
 
LVL 19

Expert Comment

by:cheekycj
Comment Utility
Then I would use one of the many crypt libs available to encrypt the username and password.. and then use the URL.

CJ
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
Comment Utility
This question has been abandoned. I will make a recommendation to the
moderators on its resolution in a week or two. I appreciate any comments
that would help me to make a recommendation.

Cd&
0
 
LVL 19

Expert Comment

by:cheekycj
Comment Utility
I am not sure here.. probably just PAQ it.

CJ
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
Comment Utility
It is time to clean this abandoned question up.  

I am putting it on a clean up list for CS.

<recommendation>
zero PAQ

</recommendation>

If anyone participating in the Q disagrees with the recommendation,
please leave a comment for the mods.

Cd&
0
 
LVL 5

Accepted Solution

by:
Netminder earned 0 total points
Comment Utility
Per recommendation, points refunded and question closed by
Netminder
CS Moderator
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Problem to be resolved in this article Currently, development of website and web application can be done without writing thousands of lines of programming code by hand. Description This can be done through by using a open source framework such …
I've been asked to discuss some of the UX activities that I'm using with my team. Here I will share some details about how we approach UX projects.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now