[英]how to hide URL of pages when Redirect from one page to another in asp.net
[英]How to hide query string when redirect to a page in another website
var url = string.Format("{0}?userid={1}&password ={2}", rootUrl, Id,password);
//use ClientScript to open a new windows from server side
var sb = new StringBuilder();
sb.Append("<script type = 'text/javascript'>");
sb.Append("window.open('");
sb.Append(url);
sb.Append("');");
sb.Append("</script>");
ClientScript.RegisterStartupScript(this.GetType(), "script", sb.ToString());
我不想在URL中顯示用戶名和密碼。
您應該使用HTTP POST請求來執行此操作,因為該方法看不到已發布的內容,該內容已嵌入HTTP消息主體中並作為查詢字符串參數公開。
正如@YuriGalanter所評論的那樣,請使用SSL (HTTPS)進行此操作,以便通過網絡流量加密您的消息,從而防止嗅探者查看敏感細節。
例如:
HttpWebRequest httpWReq =
(HttpWebRequest)WebRequest.Create("http://domain.com/page.aspx");
ASCIIEncoding encoding = new ASCIIEncoding();
string postData = "username=user";
postData += "&password=pass";
byte[] data = encoding.GetBytes(postData);
httpWReq.Method = "POST";
httpWReq.ContentType = "application/x-www-form-urlencoded";
httpWReq.ContentLength = data.Length;
using (Stream stream = httpWReq.GetRequestStream())
{
stream.Write(data,0,data.Length);
}
HttpWebResponse response = (HttpWebResponse)httpWReq.GetResponse();
string responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
並獲得響應:
HttpWebResponse response = (HttpWebResponse)httpWReq.GetResponse();
最好的隱藏用戶信息的方法是將查詢字符串傳遞給另一個站點時對其進行加密,然后在當前瀏覽器的新標簽頁中打開該URL。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.