Form Post Method Encryption

Posted on 2005-05-03
Last Modified: 2008-02-01
I have an online job application that I'm told needs to be encrypted even though I'm using the POST method, rather than GET.  We do not support SSL, and I need to ensure that the transmission of this information is secure.  Once the form is submitted, the information is stored in a database, and uses the replace function to create an HTML formatted email to send to recipient.  

How can I encrypt this transmission of data and still allow my replace function to format the email correctly in HTML?
Question by:johnson00
    LVL 10

    Expert Comment

    Hi johnson00,

    There is no simple reliable secure way other than SSL, even if you wrote a javascript algorithm the source would be available for all to see

    LVL 2

    Author Comment

    So this isn't possible by forcing RC4 encryption?  Any other opinions on the topic out there?
    LVL 4

    Expert Comment

    If you want to be really secure, and not use ssl, as far as I see, you've only got two real options - ActiveX or Java.

    Of the two, I'd recommend Java, as you won't have to request authentication from the user. A simple applet should do it - an embedded input box, with built in encryption. A serious hacker might download the java class file and de-compile it, but it would be a lot of hard work. Again, I reckon you've got two options - build the entire form as an applet, or build a Java applet to read the form inputs, encrypt the data, and transmit. I think I'd probably do the latter, and make the applet look like a submit button...

    There's quite a lot of issue to consider - and maybe the one to look at is why SSL isn't an option. If the data is really that critical, then it should be. It's proven, it works, and it's the best option out there at present. If it's only semi-critical, then my solution will do it.
    LVL 2

    Author Comment

    Yes, the data is critical and could cost the business some hefty fines if the security is compromised.  What is the process for purchasing, installing, and working with an SSL certificate?
    LVL 10

    Accepted Solution


    take a look at or the process is reasonably straight forward depending on your server (I use IIS, not too sure about linux boxes) you need a cert per domain, there are some issues to be aware of especially when using cookies & sessions but nothing that serious



    Featured Post

    Training Course: Adobe Dreamweaver CC 2015

    Adobe Dreamweaver Creative Cloud is used by web designers and front-end developers and allows you to visualize your site in real-time as you code. This course covers exam objectives for the Adobe Certified Associate (ACA) certification.

    Join & Write a Comment

    Suggested Solutions

    I recently decide that I needed a way to make my pages scream on the net.   While searching around how I can accomplish this I stumbled across a great article that stated "minimize the server requests." I got to thinking, hey, I use more than one…
    Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    730 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now