Dears,
The Customer has Laserfiche Public Form.
How to encrypt the Values in the URL when initiating a Form from a third party application?
Thanks,
Dory Mina
Thanks,
Dory Mina
two ideas come to mind.
1. have the third party application store information to a database and send through a primary key in the URL that will then retrieve that information from the DB when loading, so the raw information is never in the URL.
2. you have the third party application encrypt the information, then send it to a hidden field(s) in the URL. You then have javascript perform a decryption algorithm on the information and store the new values into visible fields for the user. You may also use some sort of SQL Stored Procedure for this step so the decryption algorithm is not visible in the source code of the web page. Might even want to use a Public-Private key solution so you know that the information has to be coming from the application itself or someone with the private key.
I think Kenneth has the right idea. There aren't a lot of options for encrypting data passed through the URL, and neither of the suggested methods are very secure. What's the end goal? Who are you protecting the data from?