|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Kalyan Varma (kalyan_at_yahoo-inc.com)
Date: Wed Jul 10 2002 - 14:15:06 CDT
You could basically pass parameters by encrypting or hashing the
paramaters and then either sending them via the URL, or in form of cookies.
This way the cracker cant mess with the variables.
Hidden form variables etc only stop script kiddies :)
- kalyan
On Wed, 10 Jul 2002, Steven Fling wrote:
> Our application communicates across various application server environments via HTTP/HTTPS requests (versus RMI, etc.) and needs to pass data/parameters back and forth. Naturally we use SSL to encrypt the request/response.
>
> I wanted to see if there were any Best Practices established to transfer data in this fashion. POST vs. GET method, querystring vs. hidden form variable, etc.
>
> Any insight would be appreciated!
>
> ____________________________________
> Steve Fling
> Managing Architect - Web Development
> OppenheimerFunds, Inc.
> sfling
oppenheimerfunds.com
> Office: 303.768.3200
> FAX: 303.768.1096
> http://www.oppenheimerfunds.com
> ____________________________________
>
>
> This electronic mail transmission may contain confidential information and is intended only for the person(s) named. Any use, copying or disclosure by any other person is strictly prohibited. If you have received this transmission in error, please notify the sender via e-mail.
>
>
>
------------------------------------------ Kalyan Varma Alluri <kalyan
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]