Reputation: 1
SSL certificate will encrypt the query string values used in my MVC 3 application
I want to encrypt the query string values used in my MVC3 application. If i implement SSL certificate, whether all the parameters passed with url in encrypted form or not. The application is already completed, now its running appscan testing, so its very tough to encrypt and decrypt manually the query string.
Upvotes: 0
Views: 584
Answers (1)
Reputation: 6398
As per answer given in this post
Yes, it is. But using GET for sensitive data is a bad idea for several reasons:
Mostly HTTP referrer leakage (an external image in the target page might leak the password1) Password will be stored in server logs (which is obviously bad) History caches in browsers Therefore, even though Querystring is secured it's not recommended to transfer sensitive data over querystring.
Upvotes: 1
Related Questions
- ASP.NET Core MVC Encrypt/Decrypt QueryString Values
- how to pass encrypted query string in asp.net
- How can I encrypt the id querystring parameter
- Query string module encryption not working properly
- How to Encrypt/Decrypt query string data
- Asp.Net MVC encrypted querystring
- Encrypt query string
- will the SSL encrypts both the Query string and body of the post request in my asp.net mvc3 web application
- Encrypted URL results in Bad Request
- Encrypt querystring using HttpHandler