I'm having a very strange issue and have no idea what can be causing it.
A customer this morning emailed me about some customers getting an error when trying to view the his website, he also got the error but then when he tried again it worked.
Looking at the logs, the error is with Chrome 65 and 67, I use 67 and do not get the error.
The querystring which is encrypted is below, this never worked for a customer but worked for me:
AQAAANCMnd8BFdERjHoAwE%2fCl%2bsBAAAA0PyFDdX%2brkGTpXZG7C49nAQAAAACAAAAAAAQZgAAAAEAACAAAACI39m3OhUEFw3GBxXP%2bsVpw6zLJOqRkcJx1%2bFPcozLZgAAAAAOgAAAAAIAACAAAAAJpDYiaxnPjDprOQEA9u02%2bU0%2fDQDCIF7sXsjxaU3onYAAAACWWCv%2bKNSRbQjLTNeJjgE37yHviV1UmfJyoUn%2fcUg%2f0MTr23%2b16qZs9F%2fDNm4wU%2bJITVn3xXuarzcNB6ClJ2ZpwtEsMdUNBRUW0B7XA9%2bQjC69V1O2XqTp%2fgXQazHOITEBpgokD1tSbnv4pRMUfkVlogYoo0H9Lnf24FEDEnSp30AAAACwtnrmVACY71%2bcAAMANRoCuihUumid0i8P75KV0ZlUIRBXyOzASHwq9I7icvXWDbI2nNOa0mQDOgNdvZEti%2bYz
Below is my code, I'm hoping the issue is with this, but as some customers are having the issue and some not, I'm not holding my breath.
var encrtptUserId = EncryptionDecryption.WindowsEncrypted(encryptQueryParameters);
string urlToValidateUser = $"{baseUrl}?id={HttpUtility.UrlEncode(encrtptUserId)}";
public static string WindowsEncrypted(string text)
{
return Convert.ToBase64String(ProtectedData.Protect(Encoding.Unicode.GetBytes(text), null, DataProtectionScope.LocalMachine));
}
public static string WindowsDecrypted(string text)
{
return Encoding.Unicode.GetString(ProtectedData.Unprotect(Convert.FromBase64String(text), null, DataProtectionScope.LocalMachine));
}
Its the decryption that is causing the issue, but not all the time
Any help would be appreciated.
The query string includes encoded values, e.g. "%2b". That's at least inconvenient.
You could decode those values to end up with the original base64 value that you could then convert back to a byte array. but it would be better to use a web-safe base64 encoding to start with.
Convert.ToBase64String
doesn't provide a URL-safe approach, but you can easily just useReplace
on the result: