469,579 Members | 1,112 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,579 developers. It's quick & easy.

Pass hidden values in ASP

VK
Hello:

We are integrating 3rd party s/w which would process online
transactions.

this product would require that we pass some sensitive information over
the web, using FORM-POST-Hidden fields method. On viewing source this
page we are able to see this info. To overcome this - steps followed.

PageA.asp - collect information, exists on our server
PageB.asp - request info from PageA.asp, append sensitive information,
automatically POST to client server - this code exists on our server.

The issue arises that while connecting from PageB.asp to client server,
there is a little delay which shows the hidden page.

Is there some other way to overcome this?

Thanks.
VK



*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #1
9 5124
Store this info in Session()
Mex
<VK> wrote in message news:%2****************@TK2MSFTNGP11.phx.gbl...
Hello:

We are integrating 3rd party s/w which would process online
transactions.

this product would require that we pass some sensitive information over
the web, using FORM-POST-Hidden fields method. On viewing source this
page we are able to see this info. To overcome this - steps followed.

PageA.asp - collect information, exists on our server
PageB.asp - request info from PageA.asp, append sensitive information,
automatically POST to client server - this code exists on our server.

The issue arises that while connecting from PageB.asp to client server,
there is a little delay which shows the hidden page.

Is there some other way to overcome this?

Thanks.
VK



*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Jul 19 '05 #2
VK
You mean, like:

<INPUT TYPE="HIDDEN" NAME="VALUE1"
VALUE="<%=Session("value1")%>">

On viewing source, this value is visible. I have tried this.

thanks.


*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #3
No i mean, why you must youse hidden fields?
Just store on first page this "sensitive" data in Session()
and read on second page :)
M.
Jul 19 '05 #4
Further ypu might want to do some sort of encryption on the data before
storing it.

Cheers, Luis
"Meelis Lilbok" <me*@hot.ee> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
No i mean, why you must youse hidden fields?
Just store on first page this "sensitive" data in Session()
and read on second page :)
M.

Jul 19 '05 #5
VK
Meelis,

While reading this session object, we are able to view this value. the
only way the client wants/reads/interprets this information is by form,
post, hidden field.

Luis,
when you say - encryption on the data, you mean secure ASP page using
HTTPS(which we are doing), or you mean the data itself? How would we
perform encryption on the data itself?

Many thanks.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #6
On Wed, 17 Dec 2003 07:10:35 -0800, VK <VK> wrote:
You mean, like:

<INPUT TYPE="HIDDEN" NAME="VALUE1"
VALUE="<%=Session("value1")%>">

On viewing source, this value is visible. I have tried this.


No, use session variables. Not passing through a form. There are
limits to sessions (cookies being the biggie for most people) but they
should work fine. Take a look at this for sample shopping cart code:

http://www.aspfaq.com/cart/

Jeff
Jul 19 '05 #7
<VK> wrote in message news:Oy**************@TK2MSFTNGP10.phx.gbl...
Luis,
when you say - encryption on the data, you mean secure ASP page using
HTTPS(which we are doing), or you mean the data itself? How would we
perform encryption on the data itself?


I think he meant encrypting the data as you pass it along. It would mean
encrypting it as it was collected and then decrypting it just before sending
it to the third party page. You could use a component like ASPEncrypt to
handle the encryption/decryption.

Regards,
Peter Foti
Jul 19 '05 #8
exactly. you can use a componet as mentioned hereunder or just some kind of
funcion you make up to do the job.

cheers, Luis

"Peter Foti" <pe****@systolicNOSPAMnetworks.com> wrote in message
news:vu************@corp.supernews.com...
<VK> wrote in message news:Oy**************@TK2MSFTNGP10.phx.gbl...
Luis,
when you say - encryption on the data, you mean secure ASP page using
HTTPS(which we are doing), or you mean the data itself? How would we
perform encryption on the data itself?
I think he meant encrypting the data as you pass it along. It would mean
encrypting it as it was collected and then decrypting it just before

sending it to the third party page. You could use a component like ASPEncrypt to
handle the encryption/decryption.

Regards,
Peter Foti

Jul 19 '05 #9
VK
Jeff:

Apologize if I seem dense, you mean to define session variable in
global.asa file and then on one of asp pages submit this as hidden
value?

global.asa
Session("PASSWORD") = "password"
in .asp page
<Input type="hidden" name="PASSWORD">

would this work?

Many thanks.
*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Jul 19 '05 #10

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

19 posts views Thread by nazgulero | last post: by
2 posts views Thread by KFactor | last post: by
2 posts views Thread by Thomas | last post: by
3 posts views Thread by Aussie Rules | last post: by
12 posts views Thread by Bryan Parkoff | last post: by
4 posts views Thread by guiromero | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.