user2120121 user2120121 - 4 months ago 21
ASP.NET (C#) Question

Encrypt Route Data in URL

In my ASP.NET MVC app, I want to encrypt the route data and NOT QueryString, in other word:

I'm using the ASP.NET MVC default route pattern :

routes.MapRoute(
name: "Default",
url: "{controller}/{action}/{id}",
defaults: new { controller = "Home", action = "Index", id = UrlParameter.Optional },
namespaces: new[] { "WHATEVER" }
);


And I have Action Method take id Parameter:

public ActionResult Example(int id)
{
return View();
}


So My Url Now to pass the data to this Action Method is:

/Controller/Example/5

And I want it like this

/Controller/Example/ENCRYPTEDPARAMTER

Thanks in Advance

Answer

I found a nice guide to do what I want but with QueryString BUT NOT Route Data, So I updated it to work with both QueryString and Route Data, the guide was based on creating custom Helper and custom Attribute, so put my changes easily, I will mention by code my changes:

Custom Helper

  public static MvcHtmlString EncodedActionLink(this HtmlHelper htmlHelper, string linkText, string Action, string ControllerName, string Area, object routeValues, object htmlAttributes)
    {
        string queryString = string.Empty;
        string htmlAttributesString = string.Empty;
       //My Changes
        bool IsRoute = false;
        if (routeValues != null)
        {
            RouteValueDictionary d = new RouteValueDictionary(routeValues);
            for (int i = 0; i < d.Keys.Count; i++)
            {
                 //My Changes
                if (!d.Keys.Contains("IsRoute"))
                {
                    if (i > 0)
                    {
                        queryString += "?";
                    }
                    queryString += d.Keys.ElementAt(i) + "=" + d.Values.ElementAt(i);
                }
                else
                {
                    //My Changes
                    if (!d.Keys.ElementAt(i).Contains("IsRoute"))
                    {
                        queryString += d.Values.ElementAt(i);
                        IsRoute = true;
                    }
                }
            }
        }

        if (htmlAttributes != null)
        {
            RouteValueDictionary d = new RouteValueDictionary(htmlAttributes);
            for (int i = 0; i < d.Keys.Count; i++)
            {
                htmlAttributesString += " " + d.Keys.ElementAt(i) + "=" + d.Values.ElementAt(i);
            }
        }


        StringBuilder ancor = new StringBuilder();
        ancor.Append("<a ");
        if (htmlAttributesString != string.Empty)
        {
            ancor.Append(htmlAttributesString);
        }
        ancor.Append(" href='");
        if (Area != string.Empty)
        {
            ancor.Append("/" + Area);
        }

        if (ControllerName != string.Empty)
        {
            ancor.Append("/" + ControllerName);
        }

        if (Action != "Index")
        {
            ancor.Append("/" + Action);
        }
        //My Changes
        if (queryString != string.Empty)
        {
            if (IsRoute == false)
                ancor.Append("?q=" + Encrypt(queryString));
            else
                ancor.Append("/" + Encrypt(queryString));
        }
        ancor.Append("'");
        ancor.Append(">");
        ancor.Append(linkText);
        ancor.Append("</a>");
        return new MvcHtmlString(ancor.ToString());
    }

Custom Attribute:

  public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        int Id;

        Dictionary<string, object> decryptedParameters = new Dictionary<string, object>();
        if (HttpContext.Current.Request.QueryString.Get("q") != null)
        {
            string encryptedQueryString = HttpContext.Current.Request.QueryString.Get("q");
            //string decrptedString = Decrypt(encryptedQueryString.ToString());
            string decrptedString = Decrypt(encryptedQueryString.ToString());
            string[] paramsArrs = decrptedString.Split('?');

            for (int i = 0; i < paramsArrs.Length; i++)
            {
                string[] paramArr = paramsArrs[i].Split('=');
                decryptedParameters.Add(paramArr[0], Convert.ToInt32(paramArr[1]));
            }
        }
        else if (!HttpContext.Current.Request.Url.ToString().Contains("?"))
        {
            //if (int.TryParse(Decrypt(HttpContext.Current.Request.Url.ToString().Split('/').Last()), out Id))
            if (int.TryParse(Decrypt(HttpContext.Current.Request.Url.ToString().Split('/').Last()), out Id))
            {
                string id = Id.ToString();
                decryptedParameters.Add("id", id);
            }
        }
        else if (HttpContext.Current.Request.Url.ToString().Contains("?"))
        {
            //if (int.TryParse(Decrypt(HttpContext.Current.Request.Url.ToString().Split('/').Last().Split('?')[0]), out Id))
            if (int.TryParse(Decrypt(HttpContext.Current.Request.Url.ToString().Split('/').Last().Split('?')[0]), out Id))
            {
                string id = Id.ToString();
                if (id.Contains('?'))
                {
                    id = id.Split('?')[0];
                }
                decryptedParameters.Add("id", id);
            }

            string[] paramsArrs = HttpContext.Current.Request.Url.ToString().Split('/').Last().Split('?');
            for (int i = 1; i < paramsArrs.Length; i++)
            {
                string[] paramArr = paramsArrs[i].Split('=');
                decryptedParameters.Add(paramArr[0], Convert.ToInt32(paramArr[1]));
            }
        }

        for (int i = 0; i < decryptedParameters.Count; i++)
        {
            filterContext.ActionParameters[decryptedParameters.Keys.ElementAt(i)] = decryptedParameters.Values.ElementAt(i);
        }
        base.OnActionExecuting(filterContext);

    }

Actually My changes was not that big, so the creadit actually for this guide.