This article helps to develop Web applications to use Airlock's URL Encryption capability. It shows which criteria should be fulfilled by the Web application to fully support URL Encryption. The second part describes what has to be considered while configuring URL Encryption in the Airlock Configuration Center.
On the web application
- Use standard HTTP Protocol.
- Be sure your Web application is implemented following W3C HTML standards. For the encryption, Airlock uses a parser to find all URLs in the HTML content. In a few cases the parser is not able to find URLs because of non-standard HTML implementation.
- Use as little JavaScript as possible. In some cases, URLs in JavaScript functions cannot be found by the parser. In this case the URLs must be prepared by Airlock with rewrite functions.
- URLs which are dynamically built on client, e.g. with JavaScript, can not be encrypted. In this case the URLs must be defined as exceptions on Airlock.
- Do not use links or URLs which includ hostname and protocol, expect for external links. URLs with hostname and protocol have to be prepared for encryption using Airlock's rewrite rules.
- Most AJAX application cannot use URL Encryption for all URLs.
On Airlock
- When using Session Based Encryption, ensure that Session Handling is enabled on the corresponding mapping.
- When using Passphrase Based Encryption, Session Handling is not required.
- Be aware that when using regular expression mappings, the Airlock variables %ENTRYDIR%, %ENTRYPATH%, %BACKENDDIR% and %BACKENDPATH% cannot be used because their value is undefined in that case. See also the Online Help on Airlock.
- Use predifined Rewrite rule "Rewrite Stylesheet URLs" to also encrypt URLs in style sheets.
- Use other Rewrite rules to prepare URLs for encryption in special cases.
- Enable the Integration mode during the integration of URL Encryption.
For more configuration and implementation instructions see also article How to use URL encryption or the Online Help on Airlock.
Knowledge Base Categories: