To be quite honest, its nothing really too sensitive like index ID keys (ie: product ids, employee ids, order numbers, etc). Even so, there are already layers of access security built in that validates the user to the data. For more sensitive data, I use session vars. What I was thinking is that to discourage potential hacks to even consider looking into the URL or hidden fields on the page source to figuring anything out. 'Hope that makes sense. Thanks Teddy.
> -----Original Message----- > From: Teddy Payne [mailto:[EMAIL PROTECTED] > Sent: Thursday, September 28, 2006 5:41 AM > To: CF-Talk > Subject: Re: URL/FORM var Obfuscation techniques > > The question here is what are you trying to hide in the URL or a hidden > form > field? > > Teddy > > On 9/27/06, Michael E. Carluen <[EMAIL PROTECTED]> wrote: > > > > Besides encrypt/decrypt and URLencodedformat/URLdecode, are there are > > other > > techniques out there to obfuscate URL variables. I just wanted to know > if > > there are other ways to make it even more difficult for hacks to figure > > out > > passed URL or even hidden FORM vars. Thanks in advance. > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:254659 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
