Re: encrypt method=APOP broken or just not enough docs? - was:MD5 encryption
This WebDNA talk-list message is from 2003
It keeps the original formatting.
numero = 47395
interpreted = N
texte = Another possibility is to write the URL to a database with a unique key (like a [cart] number), then just set the cookie to that unique key. Then you can look up the URL based on the key in the cookie. My tendency is to set only a user ID cookie, and use that to lookup any user-specific data from WebDNA dbs.- brianOn Monday, February 3, 2003, at 11:02 PM, Dale LaFountain wrote:> Scott,>> OK, fair enough. APOP looked enticing because the encrypted value was > all lower ascii and SHORTER than the input string (both desirable > traits when compared to the default encryption). I didn't even know > that the APOP method existed until earlier today when I looked over > the encrypt docs.>> Upon further reading, the docs imply that Cybercash can't be used for > round trip encrypt/decrypt either:>> decrypt - seed - For CyberCash, this should be the MerchantKey you > were assigned when you created a CyberCash merchant account [...] > CyberCash decryption only works with text sent from the CyberCash > CashRegister server to you; it cannot be used to decrypt text that was > encrypted by WebDNA itself.>> So if we want to encrypt and decrypt data locally, we will need to use > either the built-in encryption or the base64 method for > encoding-but-no-encryption.>> I'm just trying to find the simplest/shortest way to save a URL in a > cookie without it breaking or containing 100 miles of url'd characters > after being encrypted and double-url'd... Since I'm not protecting > critical data, it looks like the winner is:>> [SETCOOKIE name=mycookie&value=[encrypt > method=base64][refr][/encrypt]&path=/&domain=.mydomain.com]>> Something else that took a while to track down today: Don't include > & in cookie data unless you url the input twice (or use base64 > encoding instead of url).>> Thanks,>> Dale>>> APOP is not a valid method for the [decrypt] context. If you need to>> encrypt and decrypt data then use either 'CyberCash' or the built-in >> WebDNA>> method (not using the method= parameter).-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list
.To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Another possibility is to write the URL to a database with a unique key (like a [cart] number), then just set the cookie to that unique key. Then you can look up the URL based on the key in the cookie. My tendency is to set only a user ID cookie, and use that to lookup any user-specific data from WebDNA dbs.- brianOn Monday, February 3, 2003, at 11:02 PM, Dale LaFountain wrote:> Scott,>> OK, fair enough. APOP looked enticing because the encrypted value was > all lower ascii and SHORTER than the input string (both desirable > traits when compared to the default encryption). I didn't even know > that the APOP method existed until earlier today when I looked over > the encrypt docs.>> Upon further reading, the docs imply that Cybercash can't be used for > round trip encrypt/decrypt either:>> decrypt - seed - For CyberCash, this should be the MerchantKey you > were assigned when you created a CyberCash merchant account [...] > CyberCash decryption only works with text sent from the CyberCash > CashRegister server to you; it cannot be used to decrypt text that was > encrypted by WebDNA itself.>> So if we want to encrypt and decrypt data locally, we will need to use > either the built-in encryption or the base64 method for > encoding-but-no-encryption.>> I'm just trying to find the simplest/shortest way to save a URL in a > cookie without it breaking or containing 100 miles of url'd characters > after being encrypted and double-url'd... Since I'm not protecting > critical data, it looks like the winner is:>> [SETCOOKIE name=mycookie&value=[encrypt > method=base64][refr][/encrypt]&path=/&domain=.mydomain.com]>> Something else that took a while to track down today: Don't include > & in cookie data unless you url the input twice (or use base64 > encoding instead of url).>> Thanks,>> Dale>>> APOP is not a valid method for the [decrypt] context. If you need to>> encrypt and decrypt data then use either 'CyberCash' or the built-in >> WebDNA>> method (not using the method= parameter).-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Brian Fries
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Not really WebCat (1997)
WebDNA :: Product Reviews (2006)
two unique banners on one page (1997)
ShowNext (1997)
redirect with frames (1997)
[OT] Disable/enable field (2003)
[WebDNA] Silly question (2009)
month or year from date field in lineitems? (1998)
[Q] Novice's question (1997)
A Toughie (1998)
Command=Showcart? (2000)
[WebDNA] Different responses for the same commands ... (2011)
[writefile] (1997)
No Data Results (1997)
New 4.5 installer (2002)
WebCat2b13MacPlugIn - [showif][search][/showif] (1997)
emailer (1997)
weird order problem in 4.5.1 (2004)
Fun with Dates - finally resolved but.... (1997)
Can't load tmpl files (1997)