Encrypt and decrypt query strings in MVC3?

Question

5.00/5 (2 votes)

See more:

I am using MVC3. I have a couple of pages which do not require authentication but these pages have querystrings which could be tampered. These pages are for info collection forms for guests which do not need to be authenticated. I am planning to encrypt these urls when sending to users and decrypt it back when they hit it, what is the best way to encrypt and decrypt query strings in MVC3 or is there any other solution for such scenario?

Send me a pointer If there is any module that I can reuse...

Appreciate your help

Thanks

Posted 21-May-12 6:51am

Jonny Galt

Updated 21-May-12 13:34pm

Karthik. A

v2

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

GateKeeper22 · Answer 1 · 2012-05-24T09:41:00

If it was me I would just serialize the form and call the controller method with AJAX. If you do a post the query string won't be visible to the user. After the AJAX call is successful you can forward them on to the next page you want them on. I have included some example code to do use this method.

JavaScript

var formInfo = $("#FormName").serialize();
$.ajax({
        type: "POST",
        url: "ControllerMethod",
        data: formInfo,
        error: function (xhr, ajaxOptions, thrownError) {
             //Code to handle an error
        },
        success: function (data) {
             //Code to do what ever you want once successfully uploaded.        
        }    
});

Other than that I am not sure of a way to encrypt the URL. The browser needs to be able to interpret the URL to know which page to go to so I don't think this will be possible. But I could be wrong.

You could also encrypt the individual values then pass them in the URL that way. That would take a lot of work though. You would need to call a method on the server to encrypt each value entered than store the encrypted value in the form some where. The reason I say to encrypt on the server is because client side code is downloaded to the computer so anyone would have access to it and see how you were doing the encryption.

Hope this helps.