Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number

Re: Recommendations for client-side state management

by jdrago999 (Pilgrim)
on Nov 23, 2011 at 01:54 UTC ( #939578=note: print w/replies, xml ) Need Help??

in reply to Recommendations for client-side state management

Another option: convert the data to a JSON string base64-encoded JSON string, then sign the string.

use JSON::XS; use Digest::MD5 'md5_hex'; use MIME::Base64; my $signing_key = '//Sw0rdFiSh//'; my $data = { first_name => 'Will', last_name => 'Smith', age => 39, }; my $json_string = encode_json( $data ); my $signature = md5_hex( $signing_key . $json_string ); my $base64_encoded = encode_base64( $json_string, '' ); # Send the encoded data and the signature in the HTML as hidden fields print <<"HTML"; <input type="hidden" name="_signature" value="@{[ $signature ]}" /> <input type="hidden" name="_data" value="@{[ $base64_encoded ]}" /> HTML

Later, when processing the stored data on another step:

my $json_string = decode_base64( $q->param('_data') ); my $new_signature = md5_hex( $signing_key . $json_string ); unless( $new_signature eq $q->param('_signature') ) { die "The data has been tampered with"; }# end unless()

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://939578]
and nobody stirs...

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (8)
As of 2017-01-17 17:41 GMT
Find Nodes?
    Voting Booth?
    Do you watch meteor showers?

    Results (158 votes). Check out past polls.