VK wrote on 15 jul 2003 in microsoft.public.inetserver.asp.general:
Evertjan. wrote: VK wrote on 15 jul 2003 in microsoft.public.inetserver.asp.general: use form/post, and catch that with
<% r=request.form("myInputValue") %>
So would that make the whole process secure ??
Not at all. Who was talking about secure?
Why would you want to make things secure from the user.
I just answered the question how not to see the querystring in the
adressbar.
The OP question was
"Is there an easy way to encrypt the querystring values that get
displayed on
the location bar / other than not using querystring."
And You suggested using "request.form" and so i had to question how
it was secure.
Sure, but how would you encrypt something by not using it?
I tried to explain this was not possible, implicitly thinking that we
were talking <a href="/file.asp?qwert=7">, but security did not come
into it.
btw:
Perhaps the answer should have been:
1
"By submitting a form method=query the querystring is not seen on the
status bar."
or
2
"By using <span onclick="/file.asp?qwerty=7"> the querystring is not seen
on the status bar."
or
3
"the value on the querystring can easily be encrypted and serverside
decripted with rot13"
VBS Rot13 function:
Function ROT13(szInput)
coding = "ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLM"
coding = coding & lcase(coding)
For i = 1 To Len(szInput)
character = Mid(szInput, i, 1)
position = InStr(coding, character)
If position > 0 Then character = Mid(coding, position + 13, 1)
txt = txt & character
Next
ROT13 = txt
End Function
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)