Re: [Semi-OT] encrypted variable in URL

This WebDNA talk-list message is from

2005

It keeps the original formatting. numero = 62709
interpreted = N
texte = Thanks for this.I've already looked at trying to hide it in a larger variable, and whilst it's not perfect, it may well be the simplest solution.I think this method, along with some method of checking for "suspicious" incorrect variables may work OK.Mark.On 29 Jul 2005, at 00:43, Stuart Tremain wrote:> Mark>>> Try doing something like hiding the variable in the variable.>> You could have it sent to you in a format that when you broke it > down you could extract the required data.>> EG:>> You require the variable 2468 to be sent to you. Have them send it > to you as> xxxxxx2468xxxxxx> where x=random digit, then use [GetChars start=7&end=10] > xxxxxx2468xxxxxx[/GetChars]>> If the value is as low a 2 digits, you will have to have it sent to > you with leading zeros eg>> You require 34, have them send xxxxxx0034xxxxxx>> then strip the zeros off [Math][GetChars start=7&end=10] > xxxxxx0034xxxxxx[/GetChars]+0[/Math] = 34>> Now if you are using letters or a mix I will leave it to you :)>>> Stuart Tremain> idfk web developments, sydney, australia>> On 29 Jul 2005, at 7:40 AM, Mark Derrick wrote:>>>> Simple problem - got a third-party that wants to click-through to >> us whilst also sending a variable on the incoming link.>> Now the easy bit is to use SSL and get them to use POST, and to >> check the [referrer] - BUT as an extra level of protection (to >> stop the value of the variable being adjusted), we'd also like to >> somehow either encrypt the value or include some kind of checksum.>> The problem is that the value may be as low as 2 digits.>> I'm also that not happy about trusting security on [referrer], so >> encrypting the value would solve a lot of problems>>>> Anyone doing anything similar, feedback about what works and what >> doesn't would be useful.>>>> Thanks.>>>> ------------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to > digest@talk.smithmicro.com>>> Web Archive of this list is at: http://webdna.smithmicro.com/>>>>>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to digest@talk.smithmicro.com>> Web Archive of this list is at: http://webdna.smithmicro.com/>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Associated Messages, from the most recent to the oldest:

Re: [Semi-OT] encrypted variable in URL ( Mark Derrick 2005)
Re: [Semi-OT] encrypted variable in URL ( Stuart Tremain 2005)
[Semi-OT] encrypted variable in URL ( Mark Derrick 2005)

Thanks for this.I've already looked at trying to hide it in a larger variable, and whilst it's not perfect, it may well be the simplest solution.I think this method, along with some method of checking for "suspicious" incorrect variables may work OK.Mark.On 29 Jul 2005, at 00:43, Stuart Tremain wrote:> Mark>>> Try doing something like hiding the variable in the variable.>> You could have it sent to you in a format that when you broke it > down you could extract the required data.>> EG:>> You require the variable 2468 to be sent to you. Have them send it > to you as> xxxxxx2468xxxxxx> where x=random digit, then use [GetChars start=7&end=10] > xxxxxx2468xxxxxx[/GetChars]>> If the value is as low a 2 digits, you will have to have it sent to > you with leading zeros eg>> You require 34, have them send xxxxxx0034xxxxxx>> then strip the zeros off [math][GetChars start=7&end=10] > xxxxxx0034xxxxxx[/GetChars]+0[/Math] = 34>> Now if you are using letters or a mix I will leave it to you :)>>> Stuart Tremain> idfk web developments, sydney, australia>> On 29 Jul 2005, at 7:40 AM, Mark Derrick wrote:>>>> Simple problem - got a third-party that wants to click-through to >> us whilst also sending a variable on the incoming link.>> Now the easy bit is to use SSL and get them to use POST, and to >> check the [referrer] - BUT as an extra level of protection (to >> stop the value of the variable being adjusted), we'd also like to >> somehow either encrypt the value or include some kind of checksum.>> The problem is that the value may be as low as 2 digits.>> I'm also that not happy about trusting security on [referrer], so >> encrypting the value would solve a lot of problems>>>> Anyone doing anything similar, feedback about what works and what >> doesn't would be useful.>>>> Thanks.>>>> ------------------------------------------------------------->> This message is sent to you because you are subscribed to>> the mailing list .>> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to > digest@talk.smithmicro.com>>> Web Archive of this list is at: http://webdna.smithmicro.com/>>>>>>> -------------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > To switch to the DIGEST mode, E-mail to digest@talk.smithmicro.com>> Web Archive of this list is at: http://webdna.smithmicro.com/>-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/ Mark Derrick

DOWNLOAD WEBDNA NOW!

Re: [Semi-OT] encrypted variable in URL

2005

Top Articles:

Related Readings: