473,395 Members | 2,446 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > can the profile data be altered by the client?

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Can the Profile data be altered by the client?

Hi,

I want to store a refferer id in the ASP.NET 2.0 Profile. I have read, that
you shouldn't store sensitive data in the Profile without encryption. Is it
because it is stored as clear text in the database or are there other
reasons? When I set the refferer id on the server side, can I rely on it? Or
is there any case in which data from the profile is beeing stored at client
side and therefore not safe from modification?

Thx
Apr 20 '06 #1
2 1038
its because its clear text in the database. privacy laws are requiring
better control of information. for example, one of the big credit cards
thefts was actually caused by a bank losing its backup tape and the data was
not encrypted.

you can not count the refferer id. many proxy servers strip it for privacy.

-- bruce (sqlwork.com)

"Christian Döring" <cd********@gmx.de> wrote in message
news:uW**************@TK2MSFTNGP03.phx.gbl...
Hi,

I want to store a refferer id in the ASP.NET 2.0 Profile. I have read,
that you shouldn't store sensitive data in the Profile without encryption.
Is it because it is stored as clear text in the database or are there
other reasons? When I set the refferer id on the server side, can I rely
on it? Or is there any case in which data from the profile is beeing
stored at client side and therefore not safe from modification?

Thx

Apr 20 '06 #2
Hi Bruce,
you can not count the refferer id. many proxy servers strip it for
privacy.

By refferer ID I actually mean some ID that is created on the server side
and has nothing to do with the browser refferer id or any client specific
data. Sorry, this was very mistakeable!

My question still is: Is there any case in which data from the P r o f i l e
is beeing stored at client
side and therefore not safe from modification?
Apr 20 '06 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
Profile or Custom Class How to migrate to ASP.NEt 2.0
by: Shimon Sim | last post by:
Hi I am working on application that need to hold custom user information - Last and first name, email, some other domain related information. I used to create Base class for all my pages. The base...
ASP.NET
4
How to Remote a custom membership or profile provider ???
by: techsupport | last post by:
I have some experience with .NET Remoting, as well as ASP.NET 2.0, and have been wanting to remote a custom membership and profile provider. I want to take advantage of the new controls in ASP.NET...
ASP.NET
0
Use of ApplicationID vs Profile attribute as a foreign key to a ClientID
by: ANON | last post by:
I am looking for advice on usage of the ApplicationId (aspnet_Applications table) to distinguish groups clients within the same app. When I add a new client group I'd like to limit their view of...
ASP.NET
5
When Profile should be used
by: cipcip | last post by:
By default profile use sql server xpress provider and probabily, caches stored data when they are requested for the first time, So the question is: why we should use profile instead of storyng,...
ASP.NET
6
saving picture to a user profile!
by: Jeff | last post by:
Hey (and thank you for reading my post) In visual web developer 2005 express edition I've created a simple website project.. At this website I want users who register to be able to upload a...
ASP.NET
2
Image data in profile: 28 bytes unaccounted for?
by: Roel | last post by:
Hi, I'm using the ASP.NET 2.0 profile system to keep an image of members of my website "MyWebsite". Initially, I've created the property in the web.config like: <add name="Photo"...
ASP.NET
9
Custom Profile Provider Implementation
by: Kirk | last post by:
I have successfully, implemented a custom Membership Provider to a SQL 2000 table, however, I am having problems doing the same with a Profile Provider. As I understand it, the steps for both of...
ASP.NET
4
User Profile Data
by: Scott M. | last post by:
When profile data is stored in ASP .NET, where is the user data persisted? For how long is it persisted: is it session persisted or permanent (like a cookie)?
ASP.NET
0
ANN: Product Scope 7 and Profile Exchanges enhanced with SetupCast publishing methods
by: David Troxell - Encourager Software | last post by:
Product Scope 7 (http://www.encouragersoftware.com/) and Profile Exchanges enhanced with SetupCast publishing methods NOTE: If you are a software author, releasing commercial and/or shareware...
C / C++
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!