Clever Geek Handbook

Encryption algorithm for web applications

I have been using the Symmetric (Rijndael) Key Algorithm ( http://www.obviex.com/samples/Encryption.aspx ) for a while to encrypt the ID. Then I url encodes the encrypted version of the ID and passes it in the query string. When I extract the ID from the query string, I decode it first and I decode it.

There was a problem recently. If the encrypted identifier has both "spaces" and "+" (for example, "abc ef + g"), the URL encoding changes all "spaces" to "+". This is a problem, when I ID-decode the id, "I know" + "was" + "and" + "was" space ".

If there is an option so that I can select the alphabet-only output character set (i.e. only AZ is used in the encrypted id)? Or if there is another 2 cipher algorithm that has the ability for me to choose the output character set?

Or I guess my last option is to manually replace the "+" in the encrypted id with something like "_SPACE _"

thank

+2


source to share


4 answers


You need to url-encode your encrypted id when passed as request parameters.



I prefer the URL safe Base64 version for anything used in request parameters or cookies.

0


source


Okay to answer your question at a basic level: Yes, encode the encrypted result in base64.



But I must admit that I am very concerned about your approach in general.

0


source


you should see how I decided to manage my way of hiding the id (in my case the guid, but could be any encrypted string)

link

0


source


Can you manually encode the url so that spaces are changed to %20

instead +

?

0


source






More articles:


All Articles