Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

URL Encoding

 
Sandeep Singh Kunwar
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi guys!!
I think my prob is a common one, but i dint found any satisfactory answer.

Here its:
We developed a application in JSP mainly without following MVC(surprisingly). It shows all the URL's straight forward. Which i am assigned to change, as any one can alter the URL and access things.
Now i want to use any sort of URL Encoding. Like most of the standard sites are using some sort of URL encoding. But i dont have any idea for that. If u guys can help in any way.

I am also interested in knowing, how much of rework will be needed, if any idea.
Thanks in advance
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64969
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If I understand what you are after, "URL encoding" is not the correct term. URL encoding is the process of encoding the individual characters in a URL for transmission.

If I am correct in my guess, you are looking for tips on "URL mapping" -- where your URLs do not directly address physical resources.

One way to do this is to employ the use of a Front Controller. Lots of info on this available on the web, and if you're patient, will be a topic in the next edition of the JR Journal.

It's also possible to simply define a bunch of mappings in the deployment descriptor, but that get pretty unwieldly very quickly, even for small web apps.
 
Sandeep Singh Kunwar
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes Bear Bibeault!!

U r right, URL Encoding doesn't looks appropriate. I think URL Encryption or something else may look fine.

"URL mapping" to directly address physical resources. - ya its one of the prob, but it includes encryption of parameters while moving.

Can u plz elobaorate this "Front Controller." - surely i m searching net for this.
JR Journal. - now i am eager for that edition
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64969
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sandeep, please read this as well.
 
Sandeep Singh Kunwar
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I read that article and i m sorry bear, well in future surely i will take care for my wordings(Im still learning).
But even now my problem is unsolved.
i will try to reframe it.

Actully i want to know, how sites like myspace.com or yahoo etc uses this sort of encryption:
http://viewmorepics.myspace.com/index.cfm?fuseaction=user.viewPicture&friendID=4603710&MyToken=dac1874-0c04-499e-8317-0312cdf38ee
http://us.f343.mail.yahoo.com/ym/login?.rand=a6fhagb4prut4

which makes URL difficult to analyze and break i think ?

i will be gratefull to any sort of help.
Thanks in advance!!
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64969
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
While it's not clear what those sites are doing, encrypting the values you pass on a URL is often a good idea. Exposing primary keys to your database data is particularly poor.

We have a forum for security where you might get some ideas for encrypting the individual request parameter values.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic