cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

How can i mask a URL parameter

MikeL7
Enthusiast ,
Apr 27, 2007 Apr 27, 2007
I have a instant messaging app and i need to mask the URL parameters that uniquely identify the message (autonumber in access db) so that a user cant change the parameter number in the browser click refresh and delete a different message#
How can i mask the msdID=<number> from showing in the browser to prevent a user from deleting or saving someone elses messages? I know it can be done
to see the example got to: http://gohbcc.com/CallCenter/EMPLOYEEMessagesVIEW.asp and enter USERNAME: admin PASSWORD: 1234
any option would be great
MikeL7
TOPICS
Server side applications
382
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

MikeL7
Enthusiast , Apr 27, 2007 Apr 27, 2007
Your message helped, i put the code to create the variable just before the repeating region table and then made form buttons that post the variable and labeled the buttons and it works perfect. THANKS
Translate
replies 3 Replies 3
latest latest Jump to latest reply
Creativ_Technologies
Contributor ,
Apr 27, 2007 Apr 27, 2007
Use the post method instead of get.
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
MikeL7
Enthusiast ,
Apr 27, 2007 Apr 27, 2007
LATEST
In Response To Creativ_Technologies
Your message helped, i put the code to create the variable just before the repeating region table and then made form buttons that post the variable and labeled the buttons and it works perfect. THANKS
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Newsgroup_User
LEGEND ,
Apr 27, 2007 Apr 27, 2007
> How can i mask the msdID=<number> from showing in the browser to prevent a
> user from deleting or saving someone elses messages?

This would be security through obscurity which is a bad idea.

Don't worry about masking the message. Instead, check the permissions of the
message on the server before returning it to the browser.

If you can't/don't want to do that, at the very least you could use server
sessions to pass the info instead rather than querystrings.

-Darrel


Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices