I was wondering how you could encrypt/decrypt your querystring in a simple asp.net page? some values need to be passed between different pages but the querystring cannot be changed or read.
Some say httphandles could be the solution for this.
MORE BACKGROUND INFO:
this is the problem, sometimes the sessions disappear without any reason (well there must be one but I don't know it yet). I've looked into the possible reasons but nothing that could cause it is happening.
Therefore I cannot rely on it anymore. The cookie solution is a possibility but it will be more work to implement than simply using the querystring. The url can be copied at any time just not changed!
My web application will be launched through existing thick client applications. When launched, an HTTP POST request will be generated including information like the userID and additional context information (basically stuff like the target user's name, birthday, etc.).
My plan for authentication is for there to be a look-up table in the database. If the username is already there, automatically login the user, but if there is no entry in the database, redirect the user to an initial login page which will be used to create that database entry.
My question is how to secure this against MITM and other security holes. How can the request generated through the thick client be on an SSL connection? Doesn't an SSL connection have to be authenticated with the username (and password) first? And if so, will the additional context information be publicly exposed until the user is logged in?
I have a browser compatibilty problem with https? I have SSL installed and is in usage. Until today morning, my https part is working well. From then, Https is shown as https(with slashed in red color) saying the page has some insecure content. I have not changed any code and suddenly i see this problem in chrome. In IE 8, i see the same problem but on every page, it shows me a popup if i should allow to opne secure and non secure or just secure. Firefox has no issues . It shows correct https without any problem. I am fed up with it searching all over. Why is this happenening for me in Chrome and IE 8.
I have a custom mini login user control that I have embedded in the top of my website which shows on every page. These pages are non-secure HTTP://. I would like to avoid having to redirect the user to a HTTPS page to perform the login but I definitely don't want to send login credentials to the server in plain text.
I am trying find a method to send the user's login credentials encrypted via https from a non-secure (http) page.
I tried to set the postbackurl for the login button to itself but in https, but the user's input is not retained and the buttonLogin_click is not fired when I set the button postbackurl property. My ASP.net web application is VB.Net framework 4.0
I am assuming this can be done because I see lots of websites where login fields are on available on every page and they are running http and I can believe they are not encrypting the login credentials.
I have a GUI when i log in i create a cookie and it encrypt it. I am usin SSL.
I check in the Login.aspx page if the cookie is secure, which it is. but then before going to the default page it goes to the Global.ascx page.
Here in the Application_AuthenticateRequest it gets the cookie and decrypts it for the default page..
Now i know that it is getting the same cookie as all the other attributes match the one that was created in the Login.aspx page excet that the secure value is "False".
this is the case for all other pages after default. the value of the cookie.secure is false.
why is this happening as i want all the pages to be secure by SSL.
After logging to the mvc site using a secure connection (https), calling actions using https connection show up with the user logged in but calling actions using http it bahaves as if user didn't log on. Since I need to use a virtual directory for https connections(and can't use that directory for http connection) Https links start with: [URL]
I'm working on a legacy web application - frames and a mixture of html, asp and aspx. The entire site is https. For some strange reason when I hit a specific page I get the magic message that says the Page contains both secure and nonsecure items. (IE obviously doesn't want to tell me what those resources are) I have checked the page that's being loaded and there are absolutely no http://... links - everything is relative links.
I have fired up fiddler and checked what's being requested - everything looks fine. I am completely at wit's end here. I have absolutely no idea why I'm getting this message, but it's completely screwing with the site.
Here in below code i have used querystring for sending imagename from this page to another page. Now i just want that with this imagename in also want to send span element's text with same querystring.How can i achieve this?
The following code works well as long as I pass a querystring value to the datalist.
Private Sub BindGrid() Dim id As Integer = Integer.Parse(Context.Request.QueryString("id")) Dim strConnString As String = ConfigurationManager.ConnectionStrings("Conn").ConnectionString Using con As New SqlConnection(strConnString) Using cmd As New SqlCommand() cmd.CommandText = "select Id, Name from tblFiles where Id=@Id"
[Code] ......
However, the page errors with the message "Value cannot be null." if I don't pass a value. I know that DataList does not have an EmptyItem Property like a Gridview control. I do not want the page to error if I don't pass a value. Need info to deal with empty values in a datalist.
Most websites have pointed me to this code to use:
The 'list' throws an error. The error is "Too few type arguments to 'System.COllections.Generic.List". I am not sure if the code is written in C# and that is what is causing the error. It seems that it should work but I can not figure out the 'list' error.
I am developing a web application in which the clients wants to send a pdf copy of aa Authenticated Page to users and as well as to the administrator..
As I google about this problem but didnt find any solution.
Because in all cases I have to pass the url of the secure page to the function...and in runtime when function make a webrequest to the page it will always generate the PDFof the login page.
So is there any way to generate the PDF of a secure page in C# ASP.Net
We want to give the calling website 'test' string that links back to the guid of our table which tells the Silverlight application what it's task is when they arrive. We also use this guid for authentication on our application among other things.
I have a URL www.site-address/site-page/page1.aspx?username=deepu&password=deepu how can i change the URL to www.site-address/site-page/page1.aspx?username=232322323232&password=2323232322323 ie i want to encrypt the fields i pass through the URL to encrypt and decrypt the URL in C# using .net,now i am using response.redirect and pass these values as query string...
A folder on File System contains .xml files, .txt files and a file exposed by third party tool. Using c# (in VS 2008), I want to encrypt the whole folder in someway before transferring it through FTP.
I have followed the method in this article, but it has the drawback that is uses reflection on an internal method. This has caused it to be flagged in a code review -- it is not future-proof as the internal implementation may change.
Is there a method with identical functionality which doesn't require using encryption on internal methods?
I am using .NET Framework 3.5 SP1 (Assume I cannot change framework versions)