1

Firstly, apologies if this is the wrong place to post this question but I couldn't comment on a previous answer to ask this.

I have inherited a site that already has an encryption / decryption method built in, with a comment that says the methods were taken from this previous post, utilising the RijndaelManaged cryptography class:

https://stackoverflow.com/a/10177020/4178161

The function seems to work fine for most people, but it won't work for the client in their office. They have tried the same function with the same data from their home and it works ok. Is there anything on the network that would not allow the encryption / decryption methods to be used? They have checked their firewall and it's not blocking the page at all. Without being able to replicate I'm struggling to know where to start debugging.

It's for a forgotten password function, the users email address is encrypted and added to a link that is then emailed to the user to reset their password. The client can click this link and load the forgotten password page, but when they try to submit their new password and the email address is decrypted from the url parameter they receive the following error:

Error

Community
  • 1
  • 1
user4178161
  • 81
  • 6
  • Have you confirmed with your own eyes that the problem is not user error? I can't count how many times weird issues like this that only applied to a small group of people was usually something the user was doing wrong. – Lews Therin May 27 '16 at 12:02
  • "it won't work" isn't a sufficient problem description. In what way do problems manifest? Any exceptions etc? – James Thorpe May 27 '16 at 12:03
  • No, I haven't confirmed with my own eyes but seen as the client could make it work from home I don't think it is user error in this instance. Unfortunately 'it won't work' is all I'm getting from the client. I cannot replicate outside of their network. I have asked for screen print of error messages received. – user4178161 May 27 '16 at 12:07
  • I think you have another problem there, did you tried with same email outside of your office? question, when reset password view is shown do you check in controller if sent encrypted email is correct, if not you should do it before showing the page. Second, what I'm guessing is the problem, well you are sending via email an url having base64 alphabet, the browser will encode some of base64 alphabet, when you get that back to your server and try to decrypt you get this sort of problem. – SilentTremor May 27 '16 at 12:30

0 Answers0