Compared with a general webform,I find that MVC doesn't support encypting and decypting hiddenfield's value……So I want Microsoft to implement this to let us avoid doing that personally(I know how to do that……),But I hope it can be easy,just like this following:
[In Some controller]:
public ActionResult xxx(ModelEntity me)
{
………………
return View(me); //Encypting all the int,string……and basic values……And when out putting them,you can see encypted ones……
}
And when the page renders back while clicking "Submit",just carry these encypted values into the ModelEntity and it will decypt them……
yes, sometimes I use ViewState and I notice that……So I also want this done in MVC……For in MVC we usually use hiddenfield to contain something useful but don't want to be seen by clients——And maybe this will cause the problem of injection……
For in MVC we usually use hiddenfield to contain something useful but don't want to be seen by clients
No - we use Session to transfer data that is sensitive, not hidden fields. Hidden fields are used for managing data that we do not want to display in a form.
For in MVC we usually use hiddenfield to contain something useful but don't want to be seen by clients
No - we use Session to transfer data that is sensitive, not hidden fields. Hidden fields are used for managing data that we do not want to display in a form.
if MS could enhance the function of Model Binder,that'd be better
Asp.NET MVC it is open source - and more, it accepts contributions. So why are you not doing this?
PS:In fact I really want to do that……But I don't know how to implement it……My idea is that when somebody use my "extended" Controller(with enhanced Model Binder)……
public ActionResult xxx(EntityModel em)
{
return View(em); //When doing this,View will automatically convert each property value in the form of encypted values……But string can do that,how can let an integer value accpets the encypted value???
}
And how can I do decypt——the same and the core problem is——how to let int accept this?
TimoYang
Contributor
3732 Points
1275 Posts
Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 05:07 AM|LINK
Hi everyone here——
Compared with a general webform,I find that MVC doesn't support encypting and decypting hiddenfield's value……So I want Microsoft to implement this to let us avoid doing that personally(I know how to do that……),But I hope it can be easy,just like this following:
[In Some controller]:
public ActionResult xxx(ModelEntity me)
{
………………
return View(me); //Encypting all the int,string……and basic values……And when out putting them,you can see encypted ones……
}
And when the page renders back while clicking "Submit",just carry these encypted values into the ModelEntity and it will decypt them……
Just an idea,hope MS can understand……!
Reguards and Thanks!!!
ignatandrei
All-Star
135172 Points
21681 Posts
Moderator
MVP
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:30 AM|LINK
1. create your custom model binder.
2.
Please tell me where is this feature in WebForms ( I hope you do not consider ViewState )TimoYang
Contributor
3732 Points
1275 Posts
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:40 AM|LINK
Ah MVP……
yes, sometimes I use ViewState and I notice that……So I also want this done in MVC……For in MVC we usually use hiddenfield to contain something useful but don't want to be seen by clients——And maybe this will cause the problem of injection……
hahah……
TimoYang
Contributor
3732 Points
1275 Posts
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:42 AM|LINK
In fact this can be done by me toally……However if MS could enhance the function of Model Binder,that'd be better——Don't u think so?
Reguards!
Mikesdotnett...
All-Star
154941 Points
19870 Posts
Moderator
MVP
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:43 AM|LINK
No - we use Session to transfer data that is sensitive, not hidden fields. Hidden fields are used for managing data that we do not want to display in a form.
Beginning ASP.NET Web Pages with WebMatrix | My Site | Twitter
ignatandrei
All-Star
135172 Points
21681 Posts
Moderator
MVP
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:50 AM|LINK
Asp.NET MVC it is open source - and more, it accepts contributions. So why are you not doing this?
TimoYang
Contributor
3732 Points
1275 Posts
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:52 AM|LINK
Thanks to all!
I 'll report at http://connect.microsoft.com
Thx……
TimoYang
Contributor
3732 Points
1275 Posts
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:54 AM|LINK
Thanks!
TimoYang
Contributor
3732 Points
1275 Posts
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 07:56 AM|LINK
PS:In fact I really want to do that……But I don't know how to implement it……My idea is that when somebody use my "extended" Controller(with enhanced Model Binder)……
public ActionResult xxx(EntityModel em)
{
return View(em); //When doing this,View will automatically convert each property value in the form of encypted values……But string can do that,how can let an integer value accpets the encypted value???
}
And how can I do decypt——the same and the core problem is——how to let int accept this?
Thxxx
ignatandrei
All-Star
135172 Points
21681 Posts
Moderator
MVP
Re: Hope Microsoft can offer us a function of encypting and decypting the hiddenfield's value……
May 07, 2012 08:09 AM|LINK
Please be sure.
Custom Model Binder. Read about - there are more than 1 link on internet.