doGet() encrypt parameters

Hi

When doGet() is called the parameters get appended to url.
Is it possible to encrypt parameters by calling doGet()

you can encode the url[name and value parameters] explicitly using URLEncoder or use JSTL's c:url tag, it will do implicitly for you.

and get the value using getParameter - remember here you no need to decode, getParameter do for you...

As long as the servlet knows how to decrypt them, sure, you can encrypt them. But what are you trying to protect, and from whom? Transport security would be better achieved by using HTTPS.

Oops.. Confused with encrypt with encoding... Sorry!

Please refer Ulf post.

Then how do we hide those parameters in doGet... I was asked both these question in an interview.

What do you mean by "hiding"? GET parameters are transported in the URL, so they'd always be visible in the browser address bar.

Hiding means those parameters should not be visible in URL

GET parameters are part of the URL, period. That's how GET works. If you don't want that then you need to use POST.

rucha kulkarni wrote:Hiding means those parameters should not be visible in URL

Hi Rucha,

If you don't want to parameters to be visible in URL, then use POST. If you want something else, then be clear.

Rucha,

Can you please clearly specify your requirements?

As suggested by earlier posts, you can use POST method which will submit all the parameters on your form without passing it in URL. But make sure you have the appropriate method implemented in you servlet (doPost()). Hope this helps!