Solved

Passing querystrings securely or with hidden values

Posted on 2008-10-29
2
483 Views
Last Modified: 2012-05-05
Hi There

I have two web sites a ASP.NET  and an old legacy ASP system.
I want to have a site link that passes parameters in a querystring to the asp website.

My problem is that I will be passing user information from in a querystring I would like to hide those values or make sure that the asp website only exepts calls from the asp.net page.

HERE is the url i am using

<a href="http://legacysite/login.asp?UserID=<%=Session["Docter_Username"]%>&Password=<%=Session["Docter_Password"]%>"  target="_blank">

If there are any other suggestions on how to do this please let me know.

Both systems will be running on SSL
0
Comment
Question by:Stanton_Roux
2 Comments
 
LVL 50

Expert Comment

by:Ryan Chong
ID: 22829094
try "POST" to your old asp portal, instead of pass those parameters via QueryString ?
0
 
LVL 10

Accepted Solution

by:
jinn_hnnl earned 500 total points
ID: 22829099
The best way you can do is encrypt your querystring, this method we normally use when we have to transfer pages across multiple framework.

You can take a look here
http://sqlserverjunkies.com/HowTo/99201486-ACFD-4607-A0CC-99E75836DC72.dcik
http://www.simple-talk.com/dotnet/asp.net/a-complete-url-rewriting-solution-for-asp.net-2.0/
or
http://www.devcity.net/Articles/47/1/encrypt_querystring.aspx

JINN


0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Just a quick little trick I learned recently.  Now that I'm using jQuery with abandon in my asp.net applications, I have grown tired of the following syntax:      (CODE) I suppose it just offends my sense of decency to put inline VBScript on a…
Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question