Question
For example i have this URL: ....st:8080/sample?cardNumber=1234567890
I need to hide the parameter on the URL so i changed the method from GET to POST. After changing it the parameters are no longer shown in the URL but when i viewed the response headers, request headers and parameters using Firefox web developer tools i saw that in Params in Network tab it still shows cardNumber parameter with its value.
So, now i need to mask that since it's a card number.
Is it possible to mask the cardNumber in the parameters shown in the browser dev tools but when the parameter is passed back to the Servlet it will be the unmask version again so that the transaction wont be affected?
Solution
Short of client side encryption, no.
Your browser will always know what was typed into it.
If the Dev tools are closed and inactive when submitting, nothing SHOULD be recorded.
Obviously, if you want the card number to be secure during transit to the servelet, you should be using SSL.
https://stackoverflow.com/questions/22857213
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian