0

Is there possible to Hide Query String from URL??

I planned to go for session Variable.. but it works only for a limited time.

my URL and Query strings are

Default.aspx?a=b&c=D

I need as Default.aspx

I tried for encryption and Decryption.. but the values can be changed in address bar.

Improve this question
5
  • What do you mean with "but it works only for a limited time."? Commented Dec 19, 2011 at 10:22
  • @Strillo he means that the Session expires after awhile.. and the variables with it. Commented Dec 19, 2011 at 10:24
  • You can increase the session duration or some other caching solution if the values need to be stored for a long time. Commented Dec 19, 2011 at 10:28
  • how to increase session duration? It should not expiry for long time. Commented Dec 19, 2011 at 10:50
  • what do you mean you tried for encryption? Commented Feb 28, 2013 at 10:06

6 Answers 6

Reset to default
1

If session variables are not good for you, try storing values in cookies.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thanks Huske.. Cookies are secure?
Secure from what? They will be located on your users computer and will be transferred over to you. If you want to send them securely you would need to use HTTPS.
okay.. I started to work with Query string because it wont expiry and can run the page at any time. the only problem with query string is that can change in address bar. I need exactly like query string functionality and work hidden as session. Cookies will work out dude?
Cookies will work out 1) as long as your users have them enabled and/or 2) as long as they don't clear the cache.
1

Use POST action on your Form rather than GET. Values will still be able to be changed though, they just won't be visible on your URI

Improve this answer

3 Comments

In your FORM tag set ACTION=POST rather than ACTION=GET
how to get these values in next page??
Request.Form["clientid"] where clientid is the ID of your control that you want to get the value of.
1

Ganesh,

You have to understand what a URL is,

A URL is an address that enable access to a resource on the internet.

So we shouldn't hide anything in the URL, because it's like saying someone "Go to the 127th John Street, London" and you don't want him to try to go to the 126 (because he's not allowed to)!

Why would you want to hide an url parameter ? Most of the time because your user must have the correct privilege to access a resource, so here your solution would be :

  • store the user id in the session, and when a user try to access to the ressource check that he's got the mandatory privilege

  • Or make your product ID something else than integer (or add a column in your DB "ProductIDUrl") like a guid , so no one can guess the product id.

Improve this answer

Comments

1

If security is your concern then security by obscurity is not the best way. Sending the data by POST doesn't solve the problem either unless you use some kind of encryption.

You could just as easily encrypt the URL btw. Using the Session is not recommended since it puts extra load on the server.

Cookies can potentially affect performance.

If you are only concerned about security then encrypting the Query string is an option.

Improve this answer

Comments

0

I don't use .NET, but you could use POST instead GET.

Improve this answer

Comments

-1

Use URL rewriting or URL Routing to do this....

Improve this answer

2 Comments

Thanks for ur response Gaurav Agrawal!! I dono about url rewriting and routing... Please give any examples...
This answer is not particularly helpful. If someone does not know what URL rewriting or routing is, then this doesn't tell them much. And if they know what those things are, they probably wouldn't be asking this question.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.