Safe Data serialization for Plain HTTP GET & POST communication

StackOverflow https://stackoverflow.com/questions/2176023

Question

I'm using the client's browser to submit HTTP request. For report generation the securityToken is submitted as POST, for report download the same token needs to be submitted by the user browser, this time using GET.

What encoding would you recommend for the securityToken which actually represents encrypted data.

I've tried BASE64 but this fails because the standard can include the "+" character which gets translated in HTTP GET to ' ' (blank space).

Then I tried URL Encoding, but this fails because for HTTP POST stuff such as %3d are transmitted without translation but when browser does HTTP GET with the data %3d is converted to '='.

What encoding would you recommend, to allow safe transmission over HTTP POST & GET without data being misinterpreted.

The environment is Java, Tomcat.

Thank you, Maxim.

Was it helpful?

Solution

Hex string.

Apache commons-codec has a Hex class that provides this functionality.

It will look like this: http://youraddress.com/context/servlet?param=ac7432be432b21

OTHER TIPS

Well, you can keep the Base64 and use this solution: Code for decoding/encoding a modified base64 URL

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top