0

I want to hide the id from the link to be something like www.example.com/edit?DashboardId=14c140fc-b269-46e3-9649-d2c374d9d1e1&SelectedId=db250226-ad35-40ac-a321-1eedbe3460fc

My current link is www.example.com/edit?DashboardId=14

Eliud Karanja Ndiritu
  • 17
  • 4
  • you cannot hide but you can encrypt it – Kayes Fahim Jan 05 '23 at 08:35
  • 3
    if you want to keep it secrete the please use POST Request instead of get Request – Kayes Fahim Jan 05 '23 at 08:36
  • if you want to hide u can use POST Request or SESSION instead of get – Andriu1510 Jan 05 '23 at 08:37
  • If you want to have user friendly URL, use URL rewriting where you map `Dashboardid=14` into `14c140fc-b269-46e3-9649-d2c374d9d1e1` – Justinas Jan 05 '23 at 08:38
  • 6
    [Is obfuscation actually security?](https://stackoverflow.com/questions/533965/why-is-security-through-obscurity-a-bad-idea) - If you are trying to "hide" certain stuff, then it's worthwhile to rethink your strategy! – DarkBee Jan 05 '23 at 08:39
  • the reason am using get is that i still want to use the id in the form to perform some operations – Eliud Karanja Ndiritu Jan 05 '23 at 08:39
  • 6
    @KayesFahim Using POST doesn't keep the values _secret_, users can use the browsers DevConsole/Network tab to see which values have been sent. – brombeer Jan 05 '23 at 08:42
  • 1
    You could look into having a UUID on each record, so that is used in any links produced. – Nigel Ren Jan 05 '23 at 08:58
  • 2
    Why do you think you need to hide the ID? – ADyson Jan 05 '23 at 10:47
  • 2
    You're describing a UUID on each record (as a column) to use as an alternate reference. Note, switching to a UUID will make it harder to guess than a number, but obscurity only provides so much security (as opposed to checking permissions and access for each item). – Jared Farrish Jan 05 '23 at 13:04

0 Answers0