Forum


HomeHomePremiumPremiumDevelopmentDevelopmentPassing Parameters securly between pogesPassing Parameters securly between poges
Previous
 
Next
New Post
9/2/2013 1:46 PM
 

I am fairly new to DNN and specially 7.1 version. I want to know how I can pass parameters securly between DDN 7.1 pages that they would become part of URL. Current I am using DAL2 and here is the code snippet which I am using in DAL.

return "<a href='" + Globals.NavigateURL(TargetTabID, String.Empty, "ItemID=" + this.ItemID)+ "'><img src='" + Globals.ApplicationPath + "/images/img.gif' width='20px' height='20px' /></a>";

When I hover over image I can see the URL and after navigation, whole url is exposed on URL. I want to hide these parameters so end users cannot see them like we use httpPost in Asp.net. I have already watched  following video. http://www.dnnhero.com/Premium/Tutorial/tabid/259/ArticleID/206/Module-View-Navigation-in-DNN-Part-3-6.aspx I do not see how it will hide parameters. I could not use EditUrl in DAL as well.

 

 
New Post
9/3/2013 4:43 AM
 

Imran,

Using the DAL or DAL2 data access should not affect the navigation NavigateUrl or EditUrl methods in the DNN API.  Like I mention in the Module Views and Navigation video, they pretty much do the same thing.  You will have the parameters added to the Url.  There are a few ways to get around this.  First is to set up Url rewriting to translate the url from ".../Page.aspx?ItemID=12345" into something nicer like ".../Page/this-is-the-item-detail-page".  But this would only be for SEO purposes; the user would still see the itemid if they hover over the image.  If you need to secure the itemID, you could pass it in the session, or hash it before adding it to the Url.  In this case, you would need to develop the module on both the pages the url is navigating to and from.

 
New Post
9/3/2013 4:45 AM
 

Imran,

Using the DAL or DAL2 data access should not affect the navigation NavigateUrl or EditUrl methods in the DNN API.  Like I mention in the Module Views and Navigation video, they pretty much do the same thing.  You will have the parameters added to the Url.  There are a few ways to get around this.  First is to set up Url rewriting to translate the url from ".../Page.aspx?ItemID=12345" into something nicer like ".../Page/this-is-the-item-detail-page".  But this would only be for SEO purposes; the user would still see the itemid if they hover over the image.  If you need to secure the itemID, you could pass it in the session, or hash it before adding it to the Url.  In this case, you would need to develop the module on both the pages the url is navigating to and from.

 
New Post
9/3/2013 4:32 PM
 

Thannk you Scott,

Could you please provide an example on using session, or how to hash it before adding it to the Url. It will help me a ton. Thanks

 
New Post
9/4/2013 11:39 AM
 

I ended up sending parameters while encrypting it.

Sending end --> UrlUtils.EncryptParameter

Recieving end --> UrlUtils.DecryptParameter

Thanks everyone for your help.

 

 

 
Previous
 
Next
HomeHomePremiumPremiumDevelopmentDevelopmentPassing Parameters securly between pogesPassing Parameters securly between poges



Try FREE
30 days money back guaranteed