how can we send a parameter to HttpGet IActionResult method which is not show in url

Question

public IActionResult Create(String UserID) { //do some action } in view, I am sending parameter with

<a href="/ProductRegistration/edit?UserID=@UserObject.UserID"></a>

in this method value is shown in the URL I want to not show in the URL how can we send a parameter from the body my result is localhost:443//Admin/Create/5 I want this type of result localhost:443//Admin/Create and this create method should receive a parameter can it possible

By not showing it in the URL what are you trying to achieve? — Eldar, May 17 '22 at 11:15
you can add encrypt / decrypt mechanism for this. Use any encryption method. — Ajay2707, May 17 '22 at 11:20

Nick Papadiochos · Accepted Answer · 2022-05-17T11:25:41.680

2

Mubashir, maybe something like this can help you out:

using Microsoft.AspNetCore.Mvc;

[HttpPost]
public IActionResult Create([FromBody] String UserID) { //do some action }

@using (Html.BeginForm("ActionName", "ControllerName", FormMethod.Post))
{
  //Code Here
}

edited May 17 '22 at 11:25

answered May 17 '22 at 11:25

Nick Papadiochos

329
3
8

Paul Kertscher · Answer 2 · 2022-05-18T05:20:21.677

HTTP allows different methods that are suited for certain actions to be performed on the server. Theoretically GET is intended to get resources (such as a web page, but may be a JSON object, too) and hence allows no body at all in the request. While you could misuse custom headers, my advice is to avoid it at any rate possible. Future developers, maybe even your future self, will thank you.

POST requests, on the other hand, allow data to be posted to the server. According to the spec, one should expect the resource to be altered on the server afterwards, I think, but in the real world it's often misused to transmit login data for quite obvious reasons (you would not want your password to show up in your browser history, which would be the case with GET requests - which may not hold true anymore since it would not show up with JS HTTP requests, even if the request was a GET).

So you'd have to alter your controller to allow POST requests, as Nick said, with the HttpPostAttribute and replace the link with a form, for links do not allow POST requests at all (GET is the default for the browser).

See this question for some more options to use POST instead of GET in an HTML page (which would eventually be some kind of form in most cases).

score 0 · Answer 3 · answered May 17 '22 at 13:17

Removing ID from URL won't hide it from anyone. Unless you need it in body explicitly due to some other restrictions, I wouldn't bother. If you want to hide it, consider encrypting your ID or using GUIDs instead if Integers. VS offers System.Security.Cryptography so you don't need to download anything and its AES encryption is considered to be among most secure encryption method commonly used nowadays. But anyway, that was just an advice, now to answer your original problem.

In your view, you can do something like this:

@using(Html.BeginForm()){
    <input type="text" name="nameofparameter" value="@UserObject.UserID"/> 
    <input type="submit" value="Submit" formaction="@Url.Action("ActionName","Controller")"/>
}

Then in your controller, you would have

[HttpPost]
public ActionResult ActionName(int nameofparameter) //note the automatic parsing
// your code here

how can we send a parameter to HttpGet IActionResult method which is not show in url

3 Answers3