Home/ Questions/Q 736257
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-14T07:35:02+00:00

What is the best method to obfuscate the urls created in Dynamic Data? eg

  • 0

What is the best method to obfuscate the urls created in Dynamic Data?

eg \Products\List.aspx?ProductId=2 could become

\Products\List.aspx?x=UHJvZHVjdElkPTI=

where “ProductId=2” is base 64 encoded to prevent casual snooping on

\Products\List.aspx?ProductId=3

\Products\List.aspx?ProductId=4

etc…?

I will probably have to inherit from an existing object and override some function
The question is which object and what function

GetActionPath of the Metamodel object seems interesting,
but how does the DynamicRoute “{table}/{Action}.aspx” play in into it…

Right now on Asp.net 1.1 site I use an custom implementation of the following code.
http://www.mvps.org/emorcillo/en/code/aspnet/qse.shtml It is HTTPModule that uses regular expression to rewrite all the querystrings and also with reflection changes the Querystring collection with decoded values.

So where is the hook to affect the change.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I have found the solution

    With advice, I have implemented a Route that inherits from DynamicDataRoute.

    The methods overridden were GetVirtualPath and GetRouteData.

    Here is the global.asax page 

     routes.Add(New EncodedDynamicDataRoute("{table}/{action}.aspx") With { _
.Defaults = New RouteValueDictionary(New With {.Action = PageAction.List}), _
.Constraints = New RouteValueDictionary(New With {.Action  "List|Details|Edit|Insert"}), _
.Model = model})

    Here is the Encoded DynamicDataRoute.

    Imports System.Web.DynamicData
Imports System.Web.Routing
''' <summary>
''' The purpose of this class to base 64 encode the querystring parameters.
''' It converts the keys to base64 encoded and back.
''' </summary>
Public Class EncodedDynamicDataRoute
Inherits DynamicDataRoute
Public Sub New(ByVal url As String)
    MyBase.New(url)
End Sub

Public Overloads Overrides Function GetRouteData(ByVal httpContext As HttpContextBase) As RouteData
    Dim routeData As RouteData = MyBase.GetRouteData(httpContext)
    If Not (routeData Is Nothing) Then
        DecodeRouteValues(routeData.Values)
    End If
    Return routeData
End Function
Private Sub EncodeRouteValues(ByVal routeValues As RouteValueDictionary)
    Dim tableName As Object
    If Not routeValues.TryGetValue("table", tableName) Then
        Return
    End If
    Dim table As MetaTable
    If Not Model.TryGetTable(DirectCast(tableName, String), table) Then
        Return
    End If
    Dim strOutput As New StringBuilder
    Dim val As Object
    For Each column As MetaColumn In table.PrimaryKeyColumns
        If routeValues.TryGetValue(column.Name, val) Then
            strOutput.Append(column.Name & Chr(254) & val & Chr(255))
            routeValues.Remove(column.Name)
        End If
    Next
    Dim out As String = (Convert.ToBase64String(Encoding.ASCII.GetBytes(strOutput.ToString)))
    If routeValues.ContainsKey("x") Then
        routeValues.Item("x") = out
    Else
        routeValues.Add("x", out)
    End If
End Sub
Public Overloads Overrides Function GetVirtualPath(ByVal requestContext As RequestContext, ByVal values As RouteValueDictionary) As VirtualPathData
    EncodeRouteValues(values)
    Return MyBase.GetVirtualPath(requestContext, values)
End Function
Private Sub DecodeRouteValues(ByVal routeValues As RouteValueDictionary)
    Dim tableName As Object
    If Not routeValues.TryGetValue("table", tableName) Then
        Return
    End If
    Dim table As MetaTable
    If Not Model.TryGetTable(DirectCast(tableName, String), table) Then
        Return
    End If
    Dim enc As New System.Text.ASCIIEncoding()
    Dim val As Object
    If routeValues.TryGetValue("x", val) AndAlso val <> "AAA" Then
        Dim strString As String = enc.GetString(Convert.FromBase64String((val)))
        Dim nameValuePairs As String() = strString.Split(Chr(255))
        Dim col As MetaColumn
        For Each str11 In nameValuePairs
            Dim vals() As String = str11.Split(Chr(254))
            If table.TryGetColumn(vals(0), col) Then
                routeValues.Add(val(0), col)
            End If
        Next
    End If
   End Sub
  End Class
    • 0