423,103 Members | 1,428 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 423,103 IT Pros & Developers. It's quick & easy.

URL encryption

P: n/a
Is there some handy URLs encryption method, to convert it into a
non-user readble format that still works on all browsers? I saw some
examples which escapes characters in the URL address into the 'escaped'
representation, but they may be suitable for long URLs, its too
noticeable and simplified for short URLs..

Jul 4 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a
mistral wrote:
Is there some handy URLs encryption method, to convert it into a
non-user readble format that still works on all browsers? I saw some
examples which escapes characters in the URL address into the 'escaped'
representation, but they may be suitable for long URLs, its too
noticeable and simplified for short URLs..
Hi,

You could have a look at mod_rewrite for Apache, but I don't expect
encrypting/decrypting an URL will be 'handy'.

Of course, the domain should stay intact.
eg:
http://www.example.com/mydir/mysubdir/myscript.php
could be converted into something like:
http://www.example.com/jHgyrRWfdjkLKhj

where you decode jHgyrRWfdjkLKhj into mydir/mysubdir/myscript.php

I am curious: What is the point?
Do you want to hide pathinfo?
If so: That won't give real security, only obscurity.

Regards,
Erwin Moller
Jul 5 '06 #2

P: n/a

Erwin Moller писал(а):
mistral wrote:
Is there some handy URLs encryption method, to convert it into a
non-user readble format that still works on all browsers? I saw some
examples which escapes characters in the URL address into the 'escaped'
representation, but they may be suitable for long URLs, its too
noticeable and simplified for short URLs..
Hi,
You could have a look at mod_rewrite for Apache, but I don't expect
encrypting/decrypting an URL will be 'handy'.
Of course, the domain should stay intact.
eg:
http://www.example.com/mydir/mysubdir/myscript.php
could be converted into something like:
http://www.example.com/jHgyrRWfdjkLKhj
where you decode jHgyrRWfdjkLKhj into mydir/mysubdir/myscript.php
I am curious: What is the point?
Do you want to hide pathinfo?
If so: That won't give real security, only obscurity.
Regards,
Erwin Moller

Hi,

not sure for mod_rewrite for Apache, I have no unix. The point is
obscure URL, to hide patch info, include domain.

thanks
Mistral

Jul 5 '06 #3

P: n/a
mistral wrote:
>
Erwin Moller ?????(?):
>mistral wrote:

Is there some handy URLs encryption method, to convert it into a
non-user readble format that still works on all browsers? I saw some
examples which escapes characters in the URL address into the 'escaped'
representation, but they may be suitable for long URLs, its too
noticeable and simplified for short URLs..
>Hi,
>You could have a look at mod_rewrite for Apache, but I don't expect
encrypting/decrypting an URL will be 'handy'.
>Of course, the domain should stay intact.
eg:
http://www.example.com/mydir/mysubdir/myscript.php
could be converted into something like:
http://www.example.com/jHgyrRWfdjkLKhj
>where you decode jHgyrRWfdjkLKhj into mydir/mysubdir/myscript.php
>I am curious: What is the point?
Do you want to hide pathinfo?
If so: That won't give real security, only obscurity.
>Regards,
Erwin Moller


Hi,

not sure for mod_rewrite for Apache, I have no unix. The point is
obscure URL, to hide patch info, include domain.
Hi,

mod_rewrite is indeed Apache only, but Apache is running great on W$ for
years now. (From W2000 and higher)
No reason to stick with that securityhole called IIS if you can get Apache
for free. (if you use IIS in the first place. :P )

If you are stuck with IIS for some reason, I don't know how to do the trick
easily.

Of course you can roll your own, like this:
http://example.com/redirectme.php?obsured=HUIKHKJJHG
where you translate HUIKHKJJHG to a real URL to which you redirect.
You can store the HUIKHKJJHG in a Database and the real path also.
Or you can make your own 'scramble' routine that does something similar.

Of course you also have to pass all extra get or post parameters too to the
script you redirect to.

Regards,
Erwin Moller
>
thanks
Mistral
Jul 5 '06 #4

P: n/a

Erwin Moller писал(а):
mistral wrote:
Erwin Moller ?????(?):
mistral wrote:

Is there some handy URLs encryption method, to convert it into a
non-user readble format that still works on all browsers? I saw some
examples which escapes characters in the URL address into the 'escaped'
representation, but they may be suitable for long URLs, its too
noticeable and simplified for short URLs..
Hi,
You could have a look at mod_rewrite for Apache, but I don't expect
encrypting/decrypting an URL will be 'handy'.
Of course, the domain should stay intact.
eg:
http://www.example.com/mydir/mysubdir/myscript.php
could be converted into something like:
http://www.example.com/jHgyrRWfdjkLKhj
where you decode jHgyrRWfdjkLKhj into mydir/mysubdir/myscript.php
I am curious: What is the point?
Do you want to hide pathinfo?
If so: That won't give real security, only obscurity.
Regards,
Erwin Moller

Hi,

not sure for mod_rewrite for Apache, I have no unix. The point is
obscure URL, to hide patch info, include domain.
Hi,

mod_rewrite is indeed Apache only, but Apache is running great on W$ for
years now. (From W2000 and higher)
No reason to stick with that securityhole called IIS if you can get Apache
for free. (if you use IIS in the first place. :P )
If you are stuck with IIS for some reason, I don't know how to do the trick
easily.
Of course you can roll your own, like this:
http://example.com/redirectme.php?obsured=HUIKHKJJHG
where you translate HUIKHKJJHG to a real URL to which you redirect.
You can store the HUIKHKJJHG in a Database and the real path also.
Or you can make your own 'scramble' routine that does something similar.
Of course you also have to pass all extra get or post parameters too to the
script you redirect to.
Regards,
Erwin Moller
----------------------------------------

I meant direct url obfuscating, without involving of Apache or IIS.
Just cloacking url into something like
http://d3d3Lmdvb2dsZS5jb20vdGhlcGFnZS9wYXRjaC8= or similar, but
recognizable by web browsers.

I tried encode url into base64, but browser not recognize url.
thanks,

Mistral

Jul 5 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.