Official Content

Allows or denies the encryption of the parameters sent to a URL, and establishes security levels when parameter encryption is used in Web Objects.

Values

No Indicates that the parameters in the Web objects URL will not be encrypted. This is the default value.
Session key Indicates that the parameters in the URL will be encrypted using a different key for each session. The encryption is made using local cookies. This value offers a higher level of security, but it does not allow shared URLs. This means that user X cannot send a URL with parameters to user Y because, in this case, the URL will not work given that the corresponding cookie is required for decryption.
Site key Parameters in the Web objects URL are encrypted, but the encryption key will be the same for the whole site. In this case, cookies are not used. This implies a lower level of security, but simplifies link transfers.
Use Environment property value The property value is obtained from the Environment property with the same name.

Scope

Objects: Procedure, Transaction, Web Panel
Generators: .NET, Java

Description

It is recommended to read Protecting sensitive data used on the client side.

Notes:

  • The encryption key for encrypting the URL parameters can be specified using the application.key file (see SAC #29369). In the case of NET see SAC #29874 — more information in Application Encryption Key property.
  • When using GXflow, all applications associated with a Task must have the Encrypt URL Parameters property set to 'Use Environment property value'.

How to apply changes

To apply the corresponding changes when the property value is configured, execute a Rebuild All.

See Also

GetEncryptionKey function

Last update: December 2024 | © GeneXus. All rights reserved. GeneXus Powered by Globant