Can the Profile data be altered by the client?

Discussion in 'ASP .Net' started by Christian Döring, Apr 20, 2006.

  1. Hi,

    I want to store a refferer id in the ASP.NET 2.0 Profile. I have read, that
    you shouldn't store sensitive data in the Profile without encryption. Is it
    because it is stored as clear text in the database or are there other
    reasons? When I set the refferer id on the server side, can I rely on it? Or
    is there any case in which data from the profile is beeing stored at client
    side and therefore not safe from modification?

    Thx
    Christian Döring, Apr 20, 2006
    #1
    1. Advertising

  2. its because its clear text in the database. privacy laws are requiring
    better control of information. for example, one of the big credit cards
    thefts was actually caused by a bank losing its backup tape and the data was
    not encrypted.

    you can not count the refferer id. many proxy servers strip it for privacy.

    -- bruce (sqlwork.com)



    "Christian Döring" <> wrote in message
    news:...
    > Hi,
    >
    > I want to store a refferer id in the ASP.NET 2.0 Profile. I have read,
    > that you shouldn't store sensitive data in the Profile without encryption.
    > Is it because it is stored as clear text in the database or are there
    > other reasons? When I set the refferer id on the server side, can I rely
    > on it? Or is there any case in which data from the profile is beeing
    > stored at client side and therefore not safe from modification?
    >
    > Thx
    >
    bruce barker \(sqlwork.com\), Apr 20, 2006
    #2
    1. Advertising

  3. Hi Bruce,

    > you can not count the refferer id. many proxy servers strip it for
    > privacy.

    By refferer ID I actually mean some ID that is created on the server side
    and has nothing to do with the browser refferer id or any client specific
    data. Sorry, this was very mistakeable!

    My question still is: Is there any case in which data from the P r o f i l e
    is beeing stored at client
    side and therefore not safe from modification?
    Christian Döring, Apr 20, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Henry van der Beek

    Perform operation whenever dir is altered

    Henry van der Beek, Jul 5, 2004, in forum: Python
    Replies:
    1
    Views:
    459
    John Lenton
    Jul 5, 2004
  2. Tim Golden
    Replies:
    0
    Views:
    404
    Tim Golden
    Jul 5, 2004
  3. Replies:
    8
    Views:
    480
    Toby Inkster
    Aug 7, 2006
  4. Ken Fine
    Replies:
    4
    Views:
    419
    Steven Cheng
    Feb 26, 2008
  5. john
    Replies:
    6
    Views:
    2,181
    Steven Cheng [MSFT]
    Apr 22, 2008
Loading...

Share This Page