/**
* Add security by encrypting and decrypting URL variables.
*
* @param cQueryString Query string to encrypt. (Required)
* @param nKey Key to use for encryption. (Required)
* @return Returns an encrypted query string.
* @author Timothy Heald ([EMAIL PROTECTED])
* @version 2, February 19, 2003
*/
function urlEncrypt(queryString, key){
// encode the string
var uue = cfusion_encrypt(queryString, key);
// make a checksum of the endoed string
var checksum = left(hash(uue & key),2);
// assemble the URL
queryString = "/" & uue & checksum &"/index.htm";
return queryString;
}
</cfscript>
IN: security
OUT: speed
Encrypt all URL append a index.htm after all encrypted URL...
More details:
http://www.cflib.org/udf.cfm?ID=203
Great work....
Thanx all
----- Original Message -----
From: "Philip Arnold" <[EMAIL PROTECTED]>
Date: Tue, 30 Dec 2003 12:20:51 -0500
To: CF-Talk <[EMAIL PROTECTED]>
Subject: RE: Hidding URL
> Evaluate what you need to hide. Remember that you can always
> right-click--view source and see what you are passing. I
> think that if variables values are that sensitive, you may
> not want to expose them at all, in which case id use the
> session scope.
The problem with this is that you can't Ctrl+N to create a new window,
then go to 2 different parts in the "admin" area of the site
If it comes to this, then you should pass a URL/form variable with the
different browser, and keep it's related information in the Session
scope
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
