Hide parameters in the QueryString

Navigation
2

I have this function that I use to send parameters through QueryString: 

<script>

    function Enviar(){

    var string_request;
    usuario = document.getElementById('Usuario').value;
    password = document.getElementById('Password').value;

    string_request = "Default.asp?Usuario=" + usuario + "&Password=" + password;                        
    window.open(string_request);

    }

</script>

The problem is that when entering the Default.asp web page, the user information and password are displayed

Does anyone know in any way to hide this information?

    
asked by ARR 10.07.2018 в 17:21
source

2 answers

4

The parameters should be passed in the body of the request, but unfortunately a GET request has no body ( body ), so you will have to use POST.

The problem is that this means that you will have to change the code, because when loading a new page using a URL, a request is always made with the GET method.

Simply create a form ( form ) that points to Default.asp and that has as inputs the user and the password, you would not need or use Javascript: 

<form action="Default.asp"  target="_blank" method="post">

    <label for="Usuario"><b>Usuario</b></label>
    <input type="text" name="Usuario" required>

    <label for="Password"><b>Password</b></label>
    <input type="password" name="Password" required>

    <button type="submit">Login</button>
</form>

By having target="_blank" , by sending the form a new tab will open

    
answered by 10.07.2018 / 17:35
source
2

The Method GET sends information in the query string. The Method POST sends information in the body of the HTTP request.

Although still in the POST request it is possible to see that information using the browser's communications inspector, this is not visible within the querystring.

If you are sending information from a form you can add the method to be used as a parameter of the form <form id='miforma' method='POST'>

    
answered by 10.07.2018 в 17:31
Knowing if an image exists or not correctly charged how to work with double quotation marks