|
|
<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<title>Simple web encryption</title>
<style type="text/css">
body
{
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 10px;
text-decoration: none;
position: relative;
color: #000000;
margin : 0px;
overflow-x : hidden;
width: 100%;
}
</style>
<script language="javascript">
/*
====================================================================
This function helps protect the email address from the evil spam-bots
that scan web pages for useful data such as (email addresses).
Instead of using the data directly, the encoded value is stored in the
html and decoded when required.
====================================================================
*/
function decode(ServerEncoded)
{
// The ServerEncoded parameter is a string that contains the encoded data.
// Each character in the ServerEncoded parameter has been converted into
// a two digit number (hex / base16). This function converts the
// series of numbers back into the normal form and returns the
// decoded string to the client
// holds the decoded string
var res = "";
// go through and decode the full input server encoded string
for (i=0; i < ServerEncoded.length;)
{
// holds each letter (2 digits)
var letter = "";
letter = ServerEncoded.charAt(i) + ServerEncoded.charAt(i+1)
// build the real decoded value
res += String.fromCharCode(parseInt(letter,16));
i += 2;
}
//return the new decoded string to allow it to be rendered to screen
return res;
}
/*
====================================================================
This function gets a reference to the server encrypted string and
then decrypts this using the decode() function and sets the
txtDecrypted value to the value return by the decode() function
====================================================================
*/
function GetEmailAndDecode() {
//get the table element
var txtSvrEncr = document.getElementById('txtServerEncrypted');
var txtJSDecr = document.getElementById('txtDecrypted');
txtJSDecr.value = decode(txtSvrEncr.value);
var txtAllTog = document.getElementById('txtAllTogether');
txtAllTog.value = decode(txtAllTog.value);
}
</script>
</head>
<body onload="GetEmailAndDecode();">
<form id="form1" runat="server">
<div>
<h1>Simple ASP .NET data protection</h1>
<p>
This simple web page contains a method for keeping sensitive data (such as emails) safe, by
employing server side encryption and client side decryption. It could be used for any data
I am using emails, but it could be applied to anything. You choose.
<br/>
<br/>
We all have emails these days, and this is somepeople main contact detail. As such dont
we all deserve to have this one detail kept secret from web bots that screen scrape web sites
looking for emails. This is what is done, its easy just match an email regular expression and
away you go. They would easily be able to pull out something like myname@hotmail.com
<br/>
<br/>
What this piece of codebehind stuff and javascript (in this page) will show, is how to encrypt
a users email before sending the page to the client. And then use javascript to decrypt it
back to an email again. The great part is that the actual HTML code doesnt contain the email
at all, so the nasty web bot cant get the users personal information out of the page. Ha Ha.
<br/>
<br/>
<br/>
<br/>
<b><asp:Label ID="Label1" runat="server" Text="Normal email (BAD, web bot could grab this)"></asp:Label></b>
<br/>
<br/>
<asp:TextBox ID="txtRawEmail" runat="server" Width="357px">myname@hotmail.com</asp:TextBox>
<br/>
<br/>
<br/>
<br/>
<b><asp:Label ID="Label2" runat="server" Text="Server side encrypted email / No javascript decryption...yet"></asp:Label></b>
<br/>
<br/>
<asp:TextBox ID="txtServerEncrypted" runat="server" Width="357px"></asp:TextBox>
<br/>
<br/>
<br/>
<br/>
<b><asp:Label ID="Label3" runat="server" Text="Javascript decryption, from Server side encrypted email"></asp:Label></b>
<br/>
<br/>
<asp:TextBox ID="txtDecrypted" runat="server" Width="357px"></asp:TextBox>
<br/>
<br/>
<br/>
<br/>
<b><asp:Label ID="Label4" runat="server" Text="Putting it all together. Server side encrypted email / Javascript decryption. Ha Ha web bot"></asp:Label></b>
<br/>
<br/>
<asp:TextBox ID="txtAllTogether" runat="server" Width="357px"></asp:TextBox>
</p>
</div>
</form>
</body>
</html>
|
By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.
If a file you wish to view isn't highlighted, and is a text file (not binary), please
let us know and we'll add colourisation support for it.
I currently hold the following qualifications (amongst others, I also studied Music Technology and Electronics, for my sins)
- MSc (Passed with distinctions), in Information Technology for E-Commerce
- BSc Hons (1st class) in Computer Science & Artificial Intelligence
Both of these at Sussex University UK.
Award(s)
I am lucky enough to have won a few awards for Zany Crazy code articles over the years
- Microsoft C# MVP 2016
- Codeproject MVP 2016
- Microsoft C# MVP 2015
- Codeproject MVP 2015
- Microsoft C# MVP 2014
- Codeproject MVP 2014
- Microsoft C# MVP 2013
- Codeproject MVP 2013
- Microsoft C# MVP 2012
- Codeproject MVP 2012
- Microsoft C# MVP 2011
- Codeproject MVP 2011
- Microsoft C# MVP 2010
- Codeproject MVP 2010
- Microsoft C# MVP 2009
- Codeproject MVP 2009
- Microsoft C# MVP 2008
- Codeproject MVP 2008
- And numerous codeproject awards which you can see over at my blog
Submit an article or tip