I have a [WebMethod] in an asmx service (C# code) that accepts a query string with some sensitive information. Each request now is getting logged on the IIS Advanced Logs. Is there a way to mask this query string values before they get logged? The values are seen under the cs_uri_query field of the IIS Advanced logs. Altering the IIS Advanced logs configuration is not an option currently and final solution later on is the stop accepting sensitive information in the query string.
Thanks