1. 技术文章
  2. Encrypting a URL Coldfusion and JQuery Datatable

Encrypting a URL Coldfusion and JQuery Datatable

蹲街弑〆低调 提交于 2019-12-13 03:16:09

问题


Stack Overflow Users,

I have a server side JQuery Datatable and I am attempting to encrypt the record ID. I've used this method on basic data tables in a CFLOOP but I have not been able to do it in JavaScript.

Below is my current code.

                {
                    "targets": 1,
                    "data": "LAST_NAME",
                    <cfset L = "'+ data+'"/>
                    <cfset l_id = Encrypt(L,myKey,'AES/CBC/PKCS5Padding','HEX') />
                    "render": function ( data, type, row, meta ) 
                    {return '<a href="candidate/?svr=#l_id#">'+ data+'</a>';},
                },

When I decrypt the url, it displays + data+. When I change it to use the L vairble, then I get the correct ID number but it is not encrypted

{return '<a href="candidate/?svr=#L#">'+ data+'</a>';}

I know it has something to do with using CFSCRIPT yet I am unclear how to use this. Any help would be great.


回答1:


Although, there are many methods for encrypting the url, I found in my case the best method was to intercept the EMPLOYEE_ID in the JSON request prior to the JavaScript hand off.

<cfset ED_ID = Encrypt(EMPLOYEE_ID,myKey,'AES/CBC/PKCS5Padding','HEX')/>
    <cfset obj = {
        "EMPLOYEE_ID" = variables.ED_ID,

As you can see from the above example, the Employee_ID is modified before passing it to the JSON response. The successfully encrypts the employee id and creates the more secure URL.




回答2:


If you're trying to encrypt a JavaScript variable, from ColdFusion, that isn't possible. ColdFusion is a server side language. It can't access JavaScript code and/or variables and vice versa. Any encryption with ColdFusion must be done server side, before any data is sent to the client.

While you can use cfscript, and some even prefer it, technically you don't "have to". Looping though a query and encrypting values can be done with either CFML or cfscript.

TryCF.com Example

CFScript

// simulate query data
myKey = generateSecretKey("AES");

qry = queryNew("l_id,last_name"
            , "integer,varchar" 
            , [ {l_id=1, last_name="Johnson"}
                , {l_id=2, last_name="Carson"}
                , {l_id=3, last_name="Jackson"}
              ]
      ); 

// encrypt query values        
for (row in qry) {
    qry.l_id[qry.currentRow] = encrypt(row.l_id, myKey,"AES/CBC/PKCS5Padding", "HEX"); 
}

writeDump(var=qry, label="Query (After)");

CFML

<!--- simulate query data --->
<cfset myKey = generateSecretKey("AES")>

<cfset qry = queryNew("l_id,last_name"
                ,"integer,varchar", 
                [ {l_id=1, last_name="Johnson"}
                , {l_id=2, last_name="Carson"}
                , {l_id=3, last_name="Jackson"}
                ]
    )>


<!-- encrypt query values --->        
<cfloop query="qry">
    <cfset qry.l_id[qry.currentRow] = encrypt(qry.l_id, myKey,"AES/CBC/PKCS5Padding", "HEX")>
</cfloop>    

<cfdump var="#qry#" label="Query (After)">


来源:https://stackoverflow.com/questions/49204992/encrypting-a-url-coldfusion-and-jquery-datatable

标签
javascript
jquery
coldfusion
datatables
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!