we have a series of applications that use cfusion_encrypt() to encrypt query strings passed between and with in applications. We are currently running CF10 and are not experiencing any problems. We are looking at upgrading to CF11 and are now experiencing a plethora of errors related to encrypt/decrypt.
the issue i am currently working on is related to encrypt a url. no matter how I code the key,algorythm, or encoding, The encrypted portion of the url shows up as part of the link.
example:
<cfset theURL ="method=c.login&pid=validateLoginObj&vid=0&datasource=foo">
<cfset encryptedUURL ="http://localhost/1/2/inventory/index.cfm?encrypt(theURL, '123','CFMX_COMPAT','UU')">
<a class="nav_link" href="#encryptedUURL#">Inventory</a>
when the page is displayed, the user sees:
"WL.5KP1EY"3\'?=KH1* target="blank"> Inventory " as the link
(yes I shortened the encrypted string for demo purposes)
this sort of thing is through out 8 major applications
any suggestions on how to prevent this?
Message was edited by: john birdsell