Encrypted Query String

Thread is closed for posting
4 posts, 1 answered
  1. mbayes
    17 posts
    Registered:
    29 Dec 2015
    19 Dec 2016
    Hey guys,

    Is it possible to encrypt the query string value(s) so a user can't simply copy/paste the GUID into another page and possibly get access to something they shouldn't?

    I know certain widgets already encrypt the GUIDs (usually the primary key) but if we choose to not use the property "Use Unencrypted GUID" on a widget can we manually call/un-encrypt the encrypted query string parameter?

    If not, what are some things users have done to not provide conflicts or possible security holes?

    Thanks.

    Matt
  2. Clinton Bale
    126 posts
    Registered:
    21 Feb 2014
    03 Jan 2017 in reply to mbayes
    Hello Matt,

    I apologise for the late response; however, this can be done in TPC 3.3:

    Use the following namespace:

    pavliks.PortalConnector.Extensions

    The class is called GuidEncryption; there are four public functions that allow you to encrypt GUIDs the same way TPC does:

    UserEncryptIf - encrypts the guid based on the UseUnencryptedGuids value
    UserEncrypt - encrypts the guid always
    UserDecryptIf - decrypts the guid based on the UseUnencryptedGuids value
    UserDecrypt - decrypts the guid always

    Let me know if you have any issues working with this class.

    Regards,
    Clinton

  3. mbayes
    17 posts
    Registered:
    29 Dec 2015
    03 Jan 2017 in reply to Clinton Bale
    Clinton,

    This will seem to work fine when having access to the back-end code; however, with the way TPC displays information from CRM, is there any way to automatically encrypt/decrypt the query string when navigating pages?

    The issue is someone can just input the name of a page with the same query string value and have it redirect to the page with certain permissions that they should/should not have. For example, team-profiles?id=xxxxxx would take me to a read-only page, but team-profile?id=xxxxxx would take me to an editable page. We cannot set permission up on this page as the user may have access to edit THEIR team but not every team.

    Let me know if you need more clarification or if there are some best practices we should be considering.

    Thanks.

    Matt
  4. Clinton Bale
    126 posts
    Registered:
    21 Feb 2014
    Answered
    03 Jan 2017 in reply to mbayes
    Hi Matt,

    Since you are already using the Sitefinity roles, the next best thing (besides a custom security check) would be to add a TPC Validator widget that executes a fetch to determine if the user owns the record or not (find team where owner == me and id == query id). This would at least prevent users from editing the data, but they can still view it.

    Let me know if this approach works for you.

    Regards,
    Clinton
    Last modified on 03 Jan 2017 19:01 by Clinton Bale
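
The ownership check described in the answer above (find team where owner == me and id == query id), as an added example that is not part of the thread and is not TPC or Sitefinity code. It is plain C# (9 or later); the `Team` record, the `TeamEditGuard` class, the sample GUIDs and the in-memory list standing in for the CRM fetch are all hypothetical.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Linq;

// Constructed stand-in for a CRM team record; the field names are assumptions.
public record Team(Guid Id, Guid OwnerId, string Name);

public static class TeamEditGuard
{
    // Constructed sample data standing in for what a CRM fetch would query.
    public static readonly Guid Alice = Guid.Parse("11111111-1111-1111-1111-111111111111");
    public static readonly Guid Bob = Guid.Parse("22222222-2222-2222-2222-222222222222");
    public static readonly List<Team> Teams = new()
    {
        new Team(Guid.Parse("aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"), Alice, "Alice's team"),
        new Team(Guid.Parse("bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb"), Bob, "Bob's team"),
    };

    // "find team where owner == me and id == query id".
    // Returns the team only when both conditions hold, otherwise null.
    // A malformed id, an unknown id and another user's id all give the same
    // result, so the response does not reveal which ids exist.
    public static Team? FindOwnedTeam(Guid currentUserId, string? queryId)
    {
        if (!Guid.TryParse(queryId, out var teamId))
            return null;
        return Teams.FirstOrDefault(t => t.Id == teamId && t.OwnerId == currentUserId);
    }

    // Decision for the edit page, made on the server before rendering or saving.
    // currentUserId must come from the authenticated session, never from the request.
    public static int EditPageStatus(Guid currentUserId, string? queryId) =>
        FindOwnedTeam(currentUserId, queryId) is null ? 403 : 200;

    public static void Main()
    {
        Console.WriteLine(EditPageStatus(Alice, "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"));
        Console.WriteLine(EditPageStatus(Alice, "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb"));
        Console.WriteLine(EditPageStatus(Alice, "not-a-guid"));
        Console.WriteLine(EditPageStatus(Alice, null));
    }
}
```

Because the decision depends on the session user and the record's owner rather than on the id being secret, it holds whichever page name the id is pasted into.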