Solved

Passing querystrings securely or with hidden values

Posted on 2008-10-29
2
482 Views
Last Modified: 2012-05-05
Hi There

I have two web sites a ASP.NET  and an old legacy ASP system.
I want to have a site link that passes parameters in a querystring to the asp website.

My problem is that I will be passing user information from in a querystring I would like to hide those values or make sure that the asp website only exepts calls from the asp.net page.

HERE is the url i am using

<a href="http://legacysite/login.asp?UserID=<%=Session["Docter_Username"]%>&Password=<%=Session["Docter_Password"]%>"  target="_blank">

If there are any other suggestions on how to do this please let me know.

Both systems will be running on SSL
0
Comment
Question by:Stanton_Roux
2 Comments
 
LVL 49

Expert Comment

by:Ryan Chong
ID: 22829094
try "POST" to your old asp portal, instead of pass those parameters via QueryString ?
0
 
LVL 10

Accepted Solution

by:
jinn_hnnl earned 500 total points
ID: 22829099
The best way you can do is encrypt your querystring, this method we normally use when we have to transfer pages across multiple framework.

You can take a look here
http://sqlserverjunkies.com/HowTo/99201486-ACFD-4607-A0CC-99E75836DC72.dcik
http://www.simple-talk.com/dotnet/asp.net/a-complete-url-rewriting-solution-for-asp.net-2.0/
or
http://www.devcity.net/Articles/47/1/encrypt_querystring.aspx

JINN


0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
Performance in games development is paramount: every microsecond counts to be able to do everything in less than 33ms (aiming at 16ms). C# foreach statement is one of the worst performance killers, and here I explain why.
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now