in reply to Encrypting or Hiding Certain Info in a URL

You can prevent the username and password from being displayed in the URL by having your form use method=post instead of method=get. If you're passing the username and/or password between scripts, you'll then need to use either hidden input fields or cookies instead of building a URL with a query from scratch.

Encrypting is another story. You can't really tell browsers to encrypt the password before sending it to you (short of writing a Java script that does it, or something like that), but you can ensure that the post/get data is sent securely by building your website on an SSL secured web server. You should ask your web hosting provider for information about SSL. Or if you're doing it yourself, some of the easier answers are Apache_SSL and Apache with mod_ssl.

Alan

Replies are listed 'Best First'.
RE: Re: Encrypting or Hiding Certain Info in a URL
by Anonymous Monk on Aug 02, 2000 at 23:14 UTC
    If you are looking to encrypt certain parts of the form, I've found a site where they have RSA Encryption (for the paranoid who can't do SSL) done in JavaScript. http://my.netian.com/~dubs37/eng_cyber_rsa.htm
[reply]
RE: Re: Encrypting or Hiding Certain Info in a URL
by Anonymous Monk on Aug 03, 2000 at 00:36 UTC
    method=post only works for input types, not text links (IIRC). I've had the same problem as the original poster and had to create a text link (ie: a table of files to download) that has to include the username/password. IMHO, looking at the answers presented by the monks is to go with cookies. It's a bit more of a pain than putting it in the string, but it'll prevent figuring out passwords. Regards
[reply]
RE: Re: Encrypting or Hiding Certain Info in a URL
by Kiko (Scribe) on Aug 02, 2000 at 23:42 UTC 
    
I was actually using method=get, i switched to method=post
and that solved my problem. I will be looking into perl_mod
or mod_perl.

Thanx,
Kiko

    [download]
[reply]
[d/l]

In Section Seekers of Perl Wisdom