Question

我使用vb 2010与Classic ASP页面进行通信。我尝试使用StreamReader，WebRequest和WebResponse编写一个检查程序有效性的例程

Dim inStream As StreamReader
    Dim webRequest As WebRequest
    Dim webResponse As WebResponse
    Dim encode As Encoding = System.Text.Encoding.GetEncoding("utf-8")
    Dim sURL As String = "http://localhost/activate-check.asp?"

    webRequest = webRequest.Create(sURL & "key=" & sFullKey & "email=" & txtEmail.Text)
    webResponse = webRequest.GetResponse()
    inStream = New StreamReader(webResponse.GetResponseStream, encode)
    Dim sResponse As String = inStream.ReadToEnd()

代码完美无缺，但url数据是纯文本，回复也是如此

http://localhost/activate-check.asp?key=1234567890&email=email@email.com

有没有办法可以加密请求数据，然后在asp页面上解密

Answer 1

有许多有效的加密用例; URL parameters is not one of them

Encrypting URL parameters

What to do instead of URL parameter encryption

如果您不同意此建议，请确保您至少using authenticated encryption，除非您喜欢选择密文攻击的奇怪攻击。

如何在vb.net中加密url字符串数据并在经典asp中解密

1 个答案: