Thursday, September 08, 2005

Tamper proof URL's, Expiring Web Pages

Passing Tamper-Proof QueryString Parameters and Creating Expiring Web Pages cover how you can improve the security of your web application. While the example code is in VB.NET, the idea can be applied to any web programming language (PHP, Perl, VBScript etc). Basically you pass a hash (of the parameters plus a 'secret salt' (a custom string added to the start/finish)) only known to those that need to connect to the page (often just pages on the same website, but maybe used by other sites), along with the parameters and the current time and date.


Tags: ,

No comments: