Encrypt URL Parameters propertyOfficial Content

To either allow or deny the encryption of the parameters sent to a URL, and to establish levels of security when the encryption of the parameters is used between Web Objects.


No Indicates that the parameters in the Web objects URL will not be encrypted. This is the default value.
Session Key Indicates that the parameters in the URL will be encrypted using a different key for each session. The encryption is made using local cookies. This value offers a higher level of security, but it does not allow shared URLs. This means that user X cannot send a URL with parameters to user Y because, in this case, the URL will not work, since the corresponding cookie is required for decryption.
Site Key Parameters in the Web objects URL are encrypted, but the encryption key will be the same for the whole site. In this case, cookies are not used. This implies a lower level of security but makes links transfers easier.


How to apply changes#

Rebuild all objects


  • The encryption key for encrypting the URL parameters can be specified using the application.key file (see SAC 29369). In case of NET see SAC 29874.
  • When using GXflow, all applications associated to a Task must have the Encrypt URL Parameters property set to Use Environment property value.


Objects Transaction object, Web Panel object, Procedure object with Call Protocol property = HTTP
Languages .NET, Java, Ruby
Interfaces Web


See Also#

GetEncryptionKey Function

Was this page helpful?
What Is This?
Your feedback about this content is important. Let us know what you think.