0

While making POST request using Jquery Ajax for a controller's action,What would be the better to encrypt the URL in the POST request and decrypt at Controller action,without involving the SSL.

I came across ANtiXSS library,does it provide the one I need.

Regards, Qureshi

Soni Qureshi
  • 97
  • 2
  • 8
  • Why do you want to do this? – Bhushan Firake Mar 05 '13 at 05:14
  • I dont think you can actually do this. How would the request know where to go? You will be able to encrypt the POST data if needed, but ideally you would use SSL even though you have said you dont want to. – gdp Mar 05 '13 at 05:37

1 Answers1

0

Start simple - you can't encrypt the URL, but you can encrypt the query string. I'd start with something simple like ?q=value1|value2|value3 and use a simple Base64 encoded value so that the query string becomes ?q=dmFsdWUxfHZhbHVlMnx2YWx1ZTM=. Then you can decode and parse out the values by splitting on a separator like the pipe "|".

If that's not enough, then search on public/private key encryption. You can use a js library to encrypt client-side with the public key and decrypt server-side with the private key.

viperguynaz
  • 12,044
  • 4
  • 30
  • 41