Is there a way to shorten a URL QueryString?

Question

Is there a way to shorten a URL QueryString?

Donald Symmons 3,066

In trying to shorten url QueryString, I bumped into an article that encrypts a url. May I please know if this is best way for this or shortening the url is preferred?

If it is to shorten a url, Please how do I do this?

Thank you.

Here is the code that encrypts url

 protected void Button1_Click(object sender, EventArgs e)
        {
            string PageNumber = "00637";
            Session["PageID"] = PageNumber;

            var plaintextBytes = Encoding.UTF8.GetBytes("Max");

            //---- Encrypt text.
            var encryptedValue = Convert.ToBase64String(MachineKey.Protect(plaintextBytes, PageNumber));

            //--- URL encode to make encrypted value URL compatible.
            encryptedValue = HttpUtility.UrlEncode(encryptedValue);

            //---- Send encrypted value as query string.
            Response.Redirect("Default3.aspx?Id=" + encryptedValue);
        }
        public static string Decrypt(string TextToBeDecrypted)
        {
            RijndaelManaged RijndaelCipher = new RijndaelManaged();

            string Password = "CSC";
            string DecryptedData;

            try
            {
                byte[] EncryptedData = Convert.FromBase64String(TextToBeDecrypted);

                byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
                //Making of the key for decryption
                PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);
                //Creates a symmetric Rijndael decryptor object.
                ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));

                MemoryStream memoryStream = new MemoryStream(EncryptedData);
                //Defines the cryptographics stream for decryption.THe stream contains decrpted data
                CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);

                byte[] PlainText = new byte[EncryptedData.Length];
                int DecryptedCount = cryptoStream.Read(PlainText, 0, PlainText.Length);
                memoryStream.Close();
                cryptoStream.Close();

                //Converting to string
                DecryptedData = Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
            }
            catch
            {
                DecryptedData = TextToBeDecrypted;
            }
            return DecryptedData;
        }

        public static string Encrypt(string TextToBeEncrypted)
        {
            RijndaelManaged RijndaelCipher = new RijndaelManaged();
            string Password = "CSC";
            byte[] PlainText = System.Text.Encoding.Unicode.GetBytes(TextToBeEncrypted);
            byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
            PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);
            //Creates a symmetric encryptor object. 
            ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(SecretKey.GetBytes(32), SecretKey.GetBytes(16));
            MemoryStream memoryStream = new MemoryStream();
            //Defines a stream that links data streams to cryptographic transformations
            CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
            cryptoStream.Write(PlainText, 0, PlainText.Length);
            //Writes the final state and clears the buffer
            cryptoStream.FlushFinalBlock();
            byte[] CipherBytes = memoryStream.ToArray();
            memoryStream.Close();
            cryptoStream.Close();
            string EncryptedData = Convert.ToBase64String(CipherBytes);

            return EncryptedData;
        }

And on the next page where the url points to, the url is decrypted

protected void Page_Load(object sender, EventArgs e)
        {
            if (!string.IsNullOrEmpty(Request.QueryString.ToString()))
            {
                var bytes = Convert.FromBase64String(Request.QueryString["Id"].ToString());
                var output = MachineKey.Unprotect(bytes, PageNumber);
                Response.Write(Encoding.UTF8.GetString(output));
            }
        }

Viorel 122.6K Reputation points

2023-05-04T11:34:26.4+00:00

Maybe you can do this: Session["data"] = some data, then go to next page.

On next page, extract the data from Session["data"].
QiYou-MSFT 4,326 Reputation points Microsoft External Staff

2023-05-05T08:52:15.1866667+00:00

Hi @Donald Symmons

When you use an encryption algorithm to manipulate your querystring, its length depends on the algorithm.

I've tried encryption algorithms like 'AES' all causing it to be longer.

Best Regards

Qi You
QiYou-MSFT 4,326 Reputation points Microsoft External Staff

2023-05-05T09:07:51.87+00:00

Hi @Donald Symmons

I'm a little confused about your intentions. Why encrypt these things like "PageID". I'm actually guessing you're thinking that there are multiple parameters on one "QueryString". Then you want to cut these parameters to one. Can you elaborate on your thoughts better?

Best Regards

Qi You

Donald Symmons 3,066

Hi @QiYou-MSFT ,

Sorry, the goal was to shorten url. I actually was not going to encrypt it. I just put that up asking for opinions if that can be improvised into shortening a url. Here is what I did instead.

I put two labels on my web form and hid their visibility. Then in the server side window of the form I generated random characters for the QueryString and called it in the page load of the form.

This generates the QueryString and is attached to the label. Then, I can save the url with QueryString into database table from the label which it is displayed in. I think with that, the url with QueryString will be linked to that particular page and data related to it.

public partial class

private static readonly List<int> numbers = new List<int>()
        { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
        private static readonly List<char> characters = new List<char>()
        { 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
        'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '-', '_', '/'};

C#

protected void Page_Load(object sender, EventArgs e)
        {
           GetURL();
        }
        private void GetURL()
        {
            Random rand = new Random();
            for (int i = 0; i < 4; i++)
            {
                int random = rand.Next(0, 3);
                if (random == 1)
                {
                    random = rand.Next(0, numbers.Count);
                    lblURL.Text += numbers[random].ToString();
                }
                else
                {
                    random = rand.Next(0, characters.Count);
                    lblURL.Text += characters[random].ToString();
                }
            }
            UrlLbl.Text = "https://localhost:44316/regpage.aspx?id=" + lblURL.Text;
        }

In fetching the record on the page with the shortened QueryString, I did this.

 using (SqlCommand cmd = new SqlCommand("SELECT DISTINCT columnName FROM MyTable WHERE EventURL =@EventURL AND Id =@Id", con));
                cmd.Parameters.AddWithValue("@EventURL", Session["eventID"]);
                cmd.Parameters.AddWithValue("@Id", Session["user"]);

HTML

 <asp:Label ID="lblURL" runat="server" Visible="false" Text=""></asp:Label><asp:Label ID="UrlLbl" runat="server" Visible="false" Text=""></asp:Label>

Accepted answer

1 additional answer

Your answer

Viorel 122.6K Reputation points

2023-05-04T11:34:26.4+00:00

Maybe you can do this: Session["data"] = some data, then go to next page.

On next page, extract the data from Session["data"].
QiYou-MSFT 4,326 Reputation points Microsoft External Staff

2023-05-05T08:52:15.1866667+00:00

Hi @Donald Symmons

When you use an encryption algorithm to manipulate your querystring, its length depends on the algorithm.

I've tried encryption algorithms like 'AES' all causing it to be longer.

Best Regards

Qi You
QiYou-MSFT 4,326 Reputation points Microsoft External Staff

2023-05-05T09:07:51.87+00:00

Hi @Donald Symmons

I'm a little confused about your intentions. Why encrypt these things like "PageID". I'm actually guessing you're thinking that there are multiple parameters on one "QueryString". Then you want to cut these parameters to one. Can you elaborate on your thoughts better?

Best Regards

Qi You

Answer 1

QiYou-MSFT 4,326 Microsoft External Staff

Hi @Donald Symmons

Based on the code you gave, I think you want to use the MD5 algorithm for the 16-base string and 0x3fffffff (30-bit 1) AND operation.Due to the algorithm, multiple results will end up and there may be duplicate results. Finally, the effect is achieved by saving to the database for mapping.

Code:

static void Main(string[] args)
          {
              Random rd = new Random();
            string url = "https://localhost:44316/regpage.aspx";
            string str = "https://localhost:44316/regpage.aspx?id=321321321";
            string[] resAry = str.Split(new string[] { url }, StringSplitOptions.None);
            Console.WriteLine(resAry[1]);
            for (int i = 0; i< 100; i++)
             {
                 int index = rd.Next(0, 4);
                 var stortUrls = ShortUrl(resAry[1]);
                 Console.WriteLine( url+'/'+stortUrls[index]);
             }
             Console.Read();
         }
         public static string[] ShortUrl(string url)
         {        
             string key = "key";
             string[] chars = new string[]
             {
                "a", "b", "c", "d", "e", "f", "g", "h",
                 "i", "j", "k", "l", "m", "n", "o", "p",
                 "q", "r", "s", "t", "u", "v", "w", "x",
                 "y", "z", "0", "1", "2", "3", "4", "5",
                 "6", "7", "8", "9", "A", "B", "C", "D",
                 "E", "F", "G", "H", "I", "J", "K", "L",
                 "M", "N", "O", "P", "Q", "R", "S", "T",
                 "U", "V", "W", "X", "Y", "Z"
             };
             string hex = FormsAuthentication.HashPasswordForStoringInConfigFile(key + url, "md5");
                 string[] resUrl = new string[4];
                 for (int i = 0; i < 4; i++)
                     {
                         
                 int hexint = 0x3FFFFFFF & Convert.ToInt32("0x" + hex.Substring(i * 8, 8), 16);
                         string outChars = string.Empty;
                         for (int j = 0; j < 6; j++)
                             {
                                 
                     int index = 0x0000003D & hexint;
                                 
                     outChars += chars[index];
                                 
                     hexint = hexint >> 5;
                             }
                         
                 resUrl[i] = outChars;
                     }
                 return resUrl;
             }

Output:

Best Regards

Qi You

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Donald Symmons 3,066 Reputation points

2023-05-08T08:03:19.61+00:00

Hi @QiYou-MSFT ,

Due to the algorithm, multiple results will end up and there may be duplicate results.

These duplicate results that may end up, is it from the the code you shared or from the one I posted, or maybe both codes provide the same outcome?
Donald Symmons 3,066 Reputation points

2023-05-08T08:03:26.3833333+00:00

Hi @QiYou-MSFT ,

Due to the algorithm, multiple results will end up and there may be duplicate results.

These duplicate results that may end up, is it from the the code you shared or from the one I posted, or maybe both codes provide the same outcome?
QiYou-MSFT 4,326 Reputation points Microsoft External Staff

2023-05-08T08:24:27.5533333+00:00

Hi @Donald Symmons

In fact, there are basically no duplicate results. The repeated results in the image above are due to random numbers. You can see that there are actually four different results.

Best Regards

Qi You
Donald Symmons 3,066 Reputation points

2023-05-08T08:28:56.93+00:00

Hi @QiYou-MSFT ,

I see this particular result below appear more than once in the cmd prompt image you posted

https://localhost:44316///regpage.aspx/MV7FJ
Donald Symmons 3,066 Reputation points

2023-05-08T08:54:10.8+00:00

Hi @QiYou-MSFT ,

The repeated results in the image above are due to random numbers

Okay. And the random numbers is what I used in my code, is it?

Please I do not understand how you mean. I just want to know if my code is what can generate repeated result due to random numbers you mentioned?
QiYou-MSFT 4,326 Reputation points Microsoft External Staff

2023-05-08T10:11:25.14+00:00

Hi @Donald Symmons

In fact, the result generated by your code is an encrypted string. Its length may not be that short. The method I provide is actually a simple encryption of the querystring part. Let it be a 6-bit string.

In this way, the senses will be shorter. Finally, when we access, the system obtains the real URL address through the query operation of the database and then accesses it. In fact, the result of the code of both of us may be an encrypted string, and this length may be shorter for you. Because this is the short-address algorithm commonly used on many forums.

In fact, short addresses are not so secure. Although your code may end up being a little longer, it will be more secure. I think you can rethink it. In fact, I think it's important to note that the average user doesn't enter a URL with a querystring directly. Usually by jumping. So I think a long encrypted URL might be a little better.

In fact, my code introduces random numbers just to show it. 100 cycles of random numbers between 0 and 4.

https://localhost:44316///regpage.aspx/MV7FJ

The reason it appears so much is simply because "2" appears more often in the loop.

In fact, the random numbers in your code and mine are just to make the result more random.

In fact, your question is very simple. Use an algorithm to make querystring shorter. Finally, access changes are implemented through the database.

Best Regards

Qi You
QiYou-MSFT 4,326 Reputation points Microsoft External Staff

2023-05-08T10:15:49.5866667+00:00

Hi @Donald Symmons

Usually we use FriendlyURL, .aspx can be omitted.

Best Regards

Qi You
Donald Symmons 3,066 Reputation points

2023-05-08T11:30:46.9566667+00:00

Hi @QiYou-MSFT , how can I use friendlyURL and omit .aspx in this situation?

QiYou-MSFT 4,326 Microsoft External Staff

Hi @Donald Symmons

Solution-App_Start-RouteConfig.cs:

 public static class RouteConfig
    {
        public static void RegisterRoutes(RouteCollection routes)
        {
            var settings = new FriendlyUrlSettings();
            settings.AutoRedirectMode = RedirectMode.Permanent;
            routes.EnableFriendlyUrls(settings);
        }
    }

Output:

FriendlyUrl

However, in the latest version, this method is added automatically when you create a project.

Best Regards

Qi You

Donald Symmons 3,066 Reputation points

2023-05-09T07:26:36.4233333+00:00

Hi @QiYou-MSFT ,

Okay, I understand. It's routing. I can use routing to create a friendly URL

Answer 2

Bruce (SqlWork.com) 77,686 Volunteer Moderator

Your question is not clear. An encrypted string will be longer, not shorter. You use encrypted values in a url when you don’t want the actual value exposed or modified.

Share via

Is there a way to shorten a URL QueryString?

1 additional answer

Your answer