Tuesday, August 10, 2004

VJs Tip Of The Day - August 11th 2004

Encrypting View State

Few days back we talked about ViewState being Base64 Encoded and that it moves back and forth from client to server... Now if you wish to encrypt the ViewState for security reasons then below is the way to achieve the same...
You have to change your web.config file... In the system.web section of the web.config file you need to add the below tags

<pages enableViewStateMAC="true"/>
<machineKey validation="3DES"/>

PS: Note that here validation="3DES" causes the encryption... enableViewStateMAC causes the check that ViewState is not actually tampered...

No comments: