I am looking at a web application that redirects a user to a different site based on a user selection. Following is the scenario
I would like to pass some sensitive data (the user id in this case) to the redirected page. I can do the following:
However I am uneasy about passing the data as a query string. Would using https instead of http help? What are my options?
We have encountered a similar scenario and we encrypted the entire query string in request. We introduced a filter component which will then decrypt it and pass it on to the handler, on a very high level. You can use https or Post, but nothing is safe from intrusion untill you take a good care.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.