Re: encrypt method=APOP broken or just not enough docs? - was:MD5 encryption
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 47395
interpreted = N
texte = Another possibility is to write the URL to a database with a unique key (like a [cart] number), then just set the cookie to that unique key. Then you can look up the URL based on the key in the cookie. My tendency is to set only a user ID cookie, and use that to lookup any user-specific data from WebDNA dbs.- brianOn Monday, February 3, 2003, at 11:02 PM, Dale LaFountain wrote:> Scott,>> OK, fair enough. APOP looked enticing because the encrypted value was > all lower ascii and SHORTER than the input string (both desirable > traits when compared to the default encryption). I didn't even know > that the APOP method existed until earlier today when I looked over > the encrypt docs.>> Upon further reading, the docs imply that Cybercash can't be used for > round trip encrypt/decrypt either:>> decrypt - seed - For CyberCash, this should be the MerchantKey you > were assigned when you created a CyberCash merchant account [...] > CyberCash decryption only works with text sent from the CyberCash > CashRegister server to you; it cannot be used to decrypt text that was > encrypted by WebDNA itself.>> So if we want to encrypt and decrypt data locally, we will need to use > either the built-in encryption or the base64 method for > encoding-but-no-encryption.>> I'm just trying to find the simplest/shortest way to save a URL in a > cookie without it breaking or containing 100 miles of url'd characters > after being encrypted and double-url'd... Since I'm not protecting > critical data, it looks like the winner is:>> [SETCOOKIE name=mycookie&value=[encrypt > method=base64][refr][/encrypt]&path=/&domain=.mydomain.com]>> Something else that took a while to track down today: Don't include > & in cookie data unless you url the input twice (or use base64 > encoding instead of url).>> Thanks,>> Dale>>> APOP is not a valid method for the [decrypt] context. If you need to>> encrypt and decrypt data then use either 'CyberCash' or the built-in >> WebDNA>> method (not using the method= parameter).-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Another possibility is to write the URL to a database with a unique key (like a [cart] number), then just set the cookie to that unique key. Then you can look up the URL based on the key in the cookie. My tendency is to set only a user ID cookie, and use that to lookup any user-specific data from WebDNA dbs.- brianOn Monday, February 3, 2003, at 11:02 PM, Dale LaFountain wrote:> Scott,>> OK, fair enough. APOP looked enticing because the encrypted value was > all lower ascii and SHORTER than the input string (both desirable > traits when compared to the default encryption). I didn't even know > that the APOP method existed until earlier today when I looked over > the encrypt docs.>> Upon further reading, the docs imply that Cybercash can't be used for > round trip encrypt/decrypt either:>> decrypt - seed - For CyberCash, this should be the MerchantKey you > were assigned when you created a CyberCash merchant account [...] > CyberCash decryption only works with text sent from the CyberCash > CashRegister server to you; it cannot be used to decrypt text that was > encrypted by WebDNA itself.>> So if we want to encrypt and decrypt data locally, we will need to use > either the built-in encryption or the base64 method for > encoding-but-no-encryption.>> I'm just trying to find the simplest/shortest way to save a URL in a > cookie without it breaking or containing 100 miles of url'd characters > after being encrypted and double-url'd... Since I'm not protecting > critical data, it looks like the winner is:>> [SETCOOKIE name=mycookie&value=[encrypt > method=base64][refr][/encrypt]&path=/&domain=.mydomain.com]>> Something else that took a while to track down today: Don't include > & in cookie data unless you url the input twice (or use base64 > encoding instead of url).>> Thanks,>> Dale>>> APOP is not a valid method for the [decrypt] context. If you need to>> encrypt and decrypt data then use either 'CyberCash' or the built-in >> WebDNA>> method (not using the method= parameter).-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Brian Fries
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat2b13MacPlugIn - [include] (1997)
two questions (1997)
[shell] stopped ?? (2003)
PCS Frames (1997)
Proper file locations (1997)
Too Much Rootbeer Free Offer (1997)
ImageMagick (2005)
[ShowNext] feature in 2.0 (1997)
setheader and retrieve it immediatly (2001)
credit card authorization question (1997)
writing db to disk (1997)
SendMail - Idea (2000)
Protect vs Authenicate (1997)
Cart ID Duplication (2001)
[WebDNA] 3-5 GB of native WebDNA db in RAM?, else MySQL w/WebDNA [SQL] tags, else skip WebDNA altogether? (2009)
Send massmail (2000)
Dark Horse Comics success story (1997)
Finding max value for a field (1997)
presetting variables ... (2000)
Checkboxes (1998)