Click here to Skip to main content
15,890,557 members
Search within:


How to encrypt and decrypt url in ASP.NET MVC
Please Sign up or sign in to vote.
1.00/5 (3 votes)
See more:
ASP.NET
MVC3
MVC4
Hi ,
How to prevent from URL manipulation in asp.net mvc.
is it possible to encrypt and decrypt url in asp.net mvc

What I have tried:

I have search but i have not found any proper solution.
Posted
Updated 4-Oct-16 1:55am
Add a Solution
Comments
David_Wimbley 31-Aug-16 10:45am    
You can't encrypt a URL entirely otherwise its a bunch of gibberish to the browser.

What you can do is something like taking this URL

http://localhost/product/my-product-id (http://localhost/product/1)

Then encrypting my-product-id

http://localhost/product/encryp-product-id (http://localhost/product/lkewhrgkljhergkjh)

Then in your controller, using the Id in the url past into the controllers action, you would decrypt that value and go about loading the page accordingly.

If this isn't good enough, then i don't think you have other options.

2 solutions

NameSpace Required

C#
 using System.IO;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;
using System.Security.Cryptography



Put this method in common functuion


C#
private string Encrypt(string clearText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
            {
                cs.Write(clearBytes, 0, clearBytes.Length);
                cs.Close();
            }
            clearText = Convert.ToBase64String(ms.ToArray());
        }
    }
    return clearText;
}
 
private string Decrypt(string cipherText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] cipherBytes = Convert.FromBase64String(cipherText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
            {
                cs.Write(cipherBytes, 0, cipherBytes.Length);
                cs.Close();
            }
            cipherText = Encoding.Unicode.GetString(ms.ToArray());
        }
    }
    return cipherText;
}



C#
cmd.Parameters.AddWithValue("@Username", txtUsername.Text.Trim());
cmd.Parameters.AddWithValue("@Password", Encrypt(txtPassword.Text.Trim()));
 
Share this answer
 
Posted
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Encrypting and decrypting URL
Encrypte and Decrypte url using javascript
How to send an encrypted url link in MVC
Encrypt and decrypt query strings in MVC3?
encrypted url in asp.net
problem with encryption and decryption
Encrypt all url in mvc with urlhelper
Encryption and decryption
encryption & decryption
Encryption And Decryption in ASP.Net

Advertise
Privacy
Cookies
Terms of Use
Last Updated 4 Oct 2016
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web01 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900