Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
L
L
Lexxtor2016-06-20 13:24:48
PHP
Lexxtor, 2016-06-20 13:24:48

What is the best way to encrypt a URL?

I send emails from the site. All clicks on links in emails must go through a script with a redirect.
It could be done like this: site.ru/redirect?token=fkentov35na322k6g52 where token is a random string stored in the database along with the URL to which you want to redirect and the id of the letter.
But thousands of letters will be sent and I don’t want to have a database table for tokens. Therefore, I encrypt the letter id and URL into a token string and pass it in the script address, the script decrypts it and receives the redirect URL.
Everything works, only this token is long:
With an encryption password of 11 characters, like this:

5BRpsImR02MaR2gWlDZS__OyMetPHaG3MtacaX6C5XgO9YornNgBVQD89RAaifdT-3NGqWt9MqB4dGIQhVzeAolw8kky5ELUf7hJ2QaDmQe7J4WPdxMlgvbKncefCrPbx1o_ech-UW87DCuVJAkchE-bf0I8t8W0x1LKoLJSBX_slQV6VYffjhHUQiA5Iz-iQ7UMYrWqUQ

With an encryption password of 5 characters, like this:
tFR6K4OibiwsIpIQ3jClkyRhxVaVH9lG0w_hwoMAbDq3qQELIoyXYJAXkR_LPJhFt1tQvbq_e_1YehYQaXMWCUfIqLQSST2yk7zHJq-O4i_1xphtk3dMSxiMhdO-ZNRCAmNZZJTNIZbC7evV3Vs4MpDU4rLw6FeMQJLynplcsJ8cvOxvwenoWw1nxg

In HTML letters, links should be like this: and they will be very long in the text. But the attacker will not be able to pick up the token and distort the statistics. How can this be improved? Do other services also use this approach? <a href="URL">URL</a>

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Alexey, 2016-06-20
@Lexxtor

You wrote everything correctly - there are two options - either store links in the database or encrypt them directly in the URL.
If you have a limited number of links, you can enter them all from the database, the output will be, for example, ID-Link = 0..99 (hundred links).
Further, as I understand it, you want to track users - this is already an ID-User in the range, say, 0..9999.
In total, we need to "sew" two numbers into the link - 99 and 9999, for example, in the form 99:9999.
So I propose to encrypt them, the link will not be very long.

Report
A
Adamos, 2016-06-20
@Adamos

You don't need to classify links, you just need to count clicks.
99% of users won't bother pulling a real link from yours even after a simple urlencode... Well, in extreme cases, replace the dot with a comma before encoding, and change it back on the server.

Similar questions
A
Anholle2019-09-09 11:37:42
How to set up a filter in the feedback form? 0Reply
M
MarEeeeeee2021-04-07 17:49:27
Do I get an error when using useState? 3Reply
N
nethole7412019-10-02 20:40:14
Sending to modx revo via ajaxform not working? 2Reply
K
korsukn2015-05-28 12:57:42
Should I upgrade to Yosemite 10.10.3? 6Reply
D
dremk2015-05-30 14:46:46
Can you please give some advice on learning Unity? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question