Reputation: 2116
ASP.NET Passing parameter with response.redirect without showing in url
I am redirecting to a page in my asp.net application using which passes a parameter in the url.
HttpApplication app = (HttpApplication) sender;
HttpResponse response = app.Context.Response;
app.Response.Redirect("~/auth/SignOn.aspx?capath=" + capath);
Is there a way to send execution or direct to that page and pass the paremeter without showing it in the url? Thanks.
Upvotes: 8
Views: 33815
Answers (3)
Reputation: 5876
url parameters are very insecure. it is a simple string that goes visible to everyone. you should either encrypt it or use sessions. if it is an id you are passing in the url, you can use uniqueidentifier as an id.
I think the best and easiest way is to send it via Sessions.
Upvotes: 4
Reputation: 1459
if you website has distributed in many computer, you should use cookie in order to void session miss
write cookie
HttpCookie testCookie = new HttpCookie("capath");
testCookie.Value = HttpUtility.UrlEncode(capath);
Response.Cookies.Add(testCookie);
read cookie
if (Request.Cookies["capath"] != null)
{
HttpCookie getCookie = Request.Cookies.Get("capath");
}
Upvotes: 1
Reputation: 35572
You can't hide values sent in query string, but you can encrypt the values, if you want them not to be readable. OR Instead of simple redirection you will have look for other option to navigate to next page
How to: Pass Values Between ASP.NET Web Pages
Upvotes: 3
Related Questions
- Passing Parameters on Response.Redirect without QueryStrings
- Redirecting to the same page with different redirect parameters in ASP.NET
- C# ASP Response.Redirect URL Parameter being moved in output URL
- Redirecting to a page hiding query string parameters asp.net
- response redirect url aspx page
- Response redirect with http anchor and parameters result in parameter lost
- URL getting Appended when using Response.Redirect
- Hide all redirect informations
- Using ASP.NET Redirect without string URL?
- Response.Redirect passing a value dynamically