Yeah, for PK identifiers encrypt() works pretty well. I have not really seen other ways to hide these as you pass them between files.
URLEncodedFormat(Encrypt(string,key)) to Decrypt(URLDecode(url.variable),key) is pretty common when attemtping to hide them. If there are other ways, I would be curious to try soemthing new. Teddy On 9/28/06, Michael E. Carluen <[EMAIL PROTECTED]> wrote: > > To be quite honest, its nothing really too sensitive like index ID keys > (ie: > product ids, employee ids, order numbers, etc). Even so, there are > already > layers of access security built in that validates the user to the data. > For > more sensitive data, I use session vars. > What I was thinking is that to discourage potential hacks to even consider > looking into the URL or hidden fields on the page source to figuring > anything out. > 'Hope that makes sense. Thanks Teddy. > > > > > > > > -----Original Message----- > > From: Teddy Payne [mailto:[EMAIL PROTECTED] > > Sent: Thursday, September 28, 2006 5:41 AM > > To: CF-Talk > > Subject: Re: URL/FORM var Obfuscation techniques > > > > The question here is what are you trying to hide in the URL or a hidden > > form > > field? > > > > Teddy > > > > On 9/27/06, Michael E. Carluen <[EMAIL PROTECTED]> wrote: > > > > > > Besides encrypt/decrypt and URLencodedformat/URLdecode, are there are > > > other > > > techniques out there to obfuscate URL variables. I just wanted to > know > > if > > > there are other ways to make it even more difficult for hacks to > figure > > > out > > > passed URL or even hidden FORM vars. Thanks in advance. > > > > > > > > > > > > > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:254664 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
