Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Re: Recommendations for client-side state management

by jdrago999 (Pilgrim)
on Nov 23, 2011 at 01:54 UTC ( #939578=note: print w/ replies, xml ) Need Help??


in reply to Recommendations for client-side state management

Another option: convert the data to a JSON string base64-encoded JSON string, then sign the string.

use JSON::XS; use Digest::MD5 'md5_hex'; use MIME::Base64; my $signing_key = '//Sw0rdFiSh//'; my $data = { first_name => 'Will', last_name => 'Smith', age => 39, }; my $json_string = encode_json( $data ); my $signature = md5_hex( $signing_key . $json_string ); my $base64_encoded = encode_base64( $json_string, '' ); # Send the encoded data and the signature in the HTML as hidden fields print <<"HTML"; <input type="hidden" name="_signature" value="@{[ $signature ]}" /> <input type="hidden" name="_data" value="@{[ $base64_encoded ]}" /> HTML

Later, when processing the stored data on another step:

my $json_string = decode_base64( $q->param('_data') ); my $new_signature = md5_hex( $signing_key . $json_string ); unless( $new_signature eq $q->param('_signature') ) { die "The data has been tampered with"; }# end unless()


Comment on Re: Recommendations for client-side state management
Select or Download Code

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://939578]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (9)
As of 2014-12-28 04:39 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (178 votes), past polls