Hiding strings sent in the URL

Question

I want to pass some JSON code in the URL as a get parameter, but I don't want anyone will know what I'm sending and also I don't want to store in the DB the data.

Now I'm using base64 encoding to encrypt the JSON but it isn't safe.

Does anyone have another idea how can I do that?

$json = '{"key":"value"}';
$encoded_json = base64_encode($json);

header("Location: http://domain.com/data={$encoded_json}");

possible duplicate of [PHP, Simplest Two Way Encryption](http://stackoverflow.com/questions/9262109/php-simplest-two-way-encryption) — Artjom B., Jun 24 '15 at 11:00

score 1 · Answer 1 · answered Dec 03 '18 at 21:24

1

Don't encrypt URL parameters. Instead, use a separate look-up.

Also, base64 isn't encryption, it's an encoding scheme.

answered Dec 03 '18 at 21:24

Scott Arciszewski

33,610
16
89
206

Hiding strings sent in the URL

1 Answers1