views:

74

answers:

3

I have this following setup, a textarea named with some data in it that may have carriage returns and another textarea that has style='display:none' in order to make it hidden as follows:

<textarea id="myTextarea" onBlur="encryptMyData()"></textarea>
<textarea name="encryptedText" style='display:none'></textarea>

the user enters data in the first textarea and when that text area loses focus the 'encryptMyData()' javascript function is calling an ajax call to take whatever the user entered in the first textfield, encrypt it using rijndael, and paste it in the encryptedText textarea so that it is stored in the database later.

Now what I need to do is this, find a way to convert the carriage returns before encryption to a tag like so [cr] so that when I retrieve the data, all formatting is retained. Any idea how I do this? I'm using asp.net and c# to perform the encryption.

+1  A: 

You can use the JavaScript escape() method to take care of the carriage returns and spaces. Server-side you need to unescape the sequence again, but there is no default unescape method present in C#. You could try using the unescape method in the Microsoft.JScript.GlobalObject namespace.

Prutswonder
+2  A: 

Your newline characters are likely still present in the encrypted data.

If you absolutely do want to "display" the encrypted data with newlines retained, you likely need to do a stringData.Split(Environment.NewLine), encrypt each resulting string separately, then String.Join(Environment.NewLine, arrayOfEncryptedDataLines) the strings back together before returning to the webpage.

-edit-

You might be better off not going by the server, though. Have a look at http://www.hanewin.net/encrypt/aes/aes.htm

LaustN
I'd be leery of doing anything security-related (as encrypting text would appear to be) in client-side code. But great link, nonetheless, and spot-on with the rest of the answer.
Dathan
A: 

Basically the AJAX call to your service is probably stripping out the new lines, so you'll need to do the conversion before you call the web service.

In your encryptMyData function perform a replace before you send it the server:

// assuming sometext contains the contents of myTextarea
// Perform a global replace for all occurrences of a new line with [CR]:
sometext = sometext.replace(/\n/g, "[CR]");

Then pass sometext to the ajax call, rather than the straight value of the textarea.

Zhaph - Ben Duguid