Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

doGet() encrypt parameters

 
rucha kulkarni
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

When doGet() is called the parameters get appended to url.
Is it possible to encrypt parameters by calling doGet()
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
you can encode the url[name and value parameters] explicitly using URLEncoder or use JSTL's c:url tag, it will do implicitly for you.

and get the value using getParameter - remember here you no need to decode, getParameter do for you...
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As long as the servlet knows how to decrypt them, sure, you can encrypt them. But what are you trying to protect, and from whom? Transport security would be better achieved by using HTTPS.
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Oops.. Confused with encrypt with encoding... Sorry!

Please refer Ulf post.
 
rucha kulkarni
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Then how do we hide those parameters in doGet... I was asked both these question in an interview.
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What do you mean by "hiding"? GET parameters are transported in the URL, so they'd always be visible in the browser address bar.
 
rucha kulkarni
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hiding means those parameters should not be visible in URL
 
Ulf Dittmer
Rancher
Pie
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
GET parameters are part of the URL, period. That's how GET works. If you don't want that then you need to use POST.
 
Palak Mathur
Ranch Hand
Posts: 328
IntelliJ IDE Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
rucha kulkarni wrote:Hiding means those parameters should not be visible in URL


Hi Rucha,

If you don't want to parameters to be visible in URL, then use POST. If you want something else, then be clear.
 
Vineet P Rao
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Rucha,

Can you please clearly specify your requirements?

As suggested by earlier posts, you can use POST method which will submit all the parameters on your form without passing it in URL. But make sure you have the appropriate method implemented in you servlet (doPost()). Hope this helps!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic