This question already has an answer here:


If you REALLY want to encrypt the query param, it's very simple, just use any encryptor provided by .Net and then use an attribute or a httpmodule to decrypt the param.

The most important thing is to ALWAYS validate the request. If you can do it a POST with anti forgery token, do it. Then, always check the user credentials if that user has access to the protected resource.

It's not hard at all, but you have to take it slowly and handle every scenario you can think of. Use a white list approach: only those who meet some conditions are allowed.

One option would be to make your PK's that long with a randomly generated string or a unique identifier (GUID).

Need Your Help

Change radio button input when click on the any point of the entire parent div

jquery html input radio-button checked

I am using radio input as a switch that alternates languages to be displayed on my website. The radio input has a class of ".switch", which is wrapped by its parent div ".switch-block". What I am t...

Running imagesnap in PHP with Mac Server

php html macos bash osx-server

I am trying to develop a small site to take snapshots of my house using a webcam connected to to my mac mini at home. The mac mini is running OS X Server. The Webcam is a Logitech HD Pro Webcam C92...