Travis Heeter

Reputation: 14044

ColdFusion sending encrypted form data via ajax

So I have a string that I need to encode in a hidden element in a form, and decode it after submission:

<input type="hidden" class="secret_number" value="#encrypt(0, 'foo')#">

So in the HTML, this looks god-awful, like:

$&(A$4!v

Which causes errors with the URL, so I put it in URLEncodedFormat. So the final version looks like this: %25%28%25%5F%23WLT%20%0A, which is fine. If you decode and decrypt this it goes back to what it should be.

But after submission it looks like this:

%&#x28;%_#WLT

which errors on the decode because of the semi-colon.

Something of note is that on submission, this is running through an ajax call. Any ideas?

Upvotes: 0

Views: 643

Answers (1)

Jason Dean

Reputation: 9615

Try this to get a more URL-friendly encoding:

<input type="hidden" class="secret_number" value="#encrypt(string=0, key='foo', encoding='HEX')#">

I will also note that if you care about security in this situation then do not use the default CFMX_COMPAT algorithm.

<input type="hidden" class="secret_number" value="#encrypt(0, 'foo','AES/CBC/PKCS5Padding','HEX')#">

And don't hard code the key into the code either.

I am assuming you are doing this just to get proper encoding vs. for actual security.

Upvotes: 1
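
The round trip the answer describes, written out as an added example (not part of the original question or answer): AES with HEX output in the hidden field, the key kept out of the source, and a format check before decrypting. The environment variable `APP_FORM_KEY`, the `name` attribute, and the helper names `packSecret` / `unpackSecret` are assumptions made for illustration.

```cfml
<!--- Added example. APP_FORM_KEY, packSecret and unpackSecret are hypothetical names. --->
<cfscript>
// The key is created once with generateSecretKey("AES", 128) and stored outside
// the code base; here it is read as a Base64 string from an environment variable.
formKey = createObject("java", "java.lang.System").getenv("APP_FORM_KEY");
algo    = "AES/CBC/PKCS5Padding";

function packSecret(required string plain) {
    // HEX output contains only 0-9 and A-F, so it passes through an HTML
    // attribute and a URL-encoded ajax body without being altered.
    return encrypt(arguments.plain, formKey, algo, "HEX");
}

function unpackSecret(required string token) {
    // Reject anything that is not an even-length hex string before decrypting.
    if (!reFind("^([0-9A-Fa-f]{2})+$", arguments.token)) {
        throw(type="InvalidToken", message="secret_number is not hex");
    }
    try {
        return decrypt(arguments.token, formKey, algo, "HEX");
    } catch (any e) {
        // Wrong key, truncated value or modified ciphertext all end up here.
        throw(type="InvalidToken", message="secret_number failed to decrypt");
    }
}
</cfscript>

<!--- Rendering the form --->
<cfoutput>
<form method="post">
  <input type="hidden" name="secret_number" class="secret_number" value="#packSecret('0')#">
</form>
</cfoutput>

<!--- Handling the submission (regular post or ajax) --->
<cfif structKeyExists(form, "secret_number")>
  <cfset secretNumber = unpackSecret(form.secret_number)>
  <!--- The field is client-controlled: check the decrypted value before use. --->
  <cfif NOT isNumeric(secretNumber)>
    <cfthrow type="InvalidToken" message="secret_number is not numeric">
  </cfif>
</cfif>
```

CBC provides confidentiality only, so the handler validates the decrypted value instead of trusting it because it decrypted.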
