troubleshooting Question
QueryString Security in ASP.NET 2.0
For security reasons, I'm trying to create an algorithm that prevents querystrings on a website from being hackable. To do this, I'm tacking a securely generated checksum based on the querystring value onto the end of the querystring as a page request begins using the Begin_Request event in global.asax. I can tack the checksum onto the querystring fine, and I can prevent the user from editing the querystring, and I can even prevent the user from deleting the checksum after the page has loaded for the first time. However, I cannot prevent the user from typing in a custom querystring on their own the first time a page loads without a checksum, which in effect defeats my security system. What I'm assuming needs to be done here is to create a method to apply the checksum to a URL with a querystring before the page even begins loading. Anyone have an idea how to accomplish this?
The Value of Experts Exchange in My Daily IT Life
Experts Exchange (EE) has become my company's go-to resource to get answers. I've used EE to make decisions, solve problems and even save customers. OutagesIO has been a challenging project and... Keep reading >>
Mike
Owner of Outages.IO
Phoenix, Arizona, United States
Member Since 2016
Join a full scale community that combines the best parts of other tools into one platform.
Unlock 1 Answer and 4 Comments.
View membership options“All of life is about relationships, and EE has made a virtual community a real community. It lifts everyone's boat.”
William Peck
Member since 2004
Our community of experts have been thoroughly vetted for their expertise and industry experience.