Jukka K. Korpela said:
I repeat: you are probably solving the wrong problem. Why create
"fat URLs" in the first place? You won't need them if you use the POST
method.
Hyperlinks is my stumbling block.
I am trying to achieve redundant session management and tamper prevention.
At this time, I am sucessfully using:
* Cookies. Unless cookies are rejected by the client, therefore, I cannot
rely solely on this.
* Hidden fields. The session data is posted to new pages whenever a post is
performed. Sessions are maintained. The drawback is that I have hyperlinks
to other pages and if cookies are off, the session is lost when the
hyperlinks are clicked.
The cookies and hidden fields are to be encrypted, therefore, tampering hits
can be immediately discovered and ignored by returning a blank page if the
format is in any way invalid. Processing stops here instead of going on
further, to perhaps a database lookup routine, etc.
I've heard that Perl, PHP, and other interpreters already have built in
functionality to handle this but I am writting my application in C++ since I
don't know how to use any of the mentioned tools specific to web
development. I have found two different urlencode/urldecode functions
written for C++ that I will try today. Here is a documentation snippet:
URLEncode is a String class function that converts a US-ASCII string to its
representation in the URL Encoding scheme. URLEncode is based on the URL
character encoding rules as described in the Internet Standards document RFC
1738 - Uniform Resource Locators (URL)
(
http://www.rfc-editor.org/rfc/rfc1738.txt).
Regards,
Fernie