Even if you do scramble (encrypt) the URL, it could still be modified in a
harmful way by the user either deliberately or accidentally. Perhaps you
could maintain the actual UserID in session state rather than passing it
around in the querystring. Also, there are methods to include a checksum
value in the query string.
"Jeremy S" <A@B.COM> wrote in message
news:u%****************@TK2MSFTNGP12.phx.gbl...
What are some options for scrambling information in the QueryString.
Consider this URL for example:
SomePage.aspx?userid=15
I don't care if there is something in the querystring - I'd just prefer
that it's not obvious that a variable named [userid] is getting passed, and
that it has a value of 15.