Forum Stats

  • 3,814,894 Users
  • 2,258,926 Discussions


Ways to secure the url parameter and value in APEX?

AllenS. Member Posts: 73 Blue Ribbon
edited Aug 9, 2021 8:58AM in APEX Discussions


We recently had one of our APEX Application go thru a penetration testing from an outsource company. One of the recommendations was to find an alternative way to pass sensitive information. They also suggested to use POST method but not sure if this is possible in APEX.

Does APEX provide other ways to pass data from one page to another aside from the URL? Or if needed to pass in URL, can these be encrypted so that it is not readable in the browser address bar or thru browser inspection?

We are currently using APEX 18.2 for reference.

Appreciate any feedback.




Best Answer

  • InoL
    InoL Member Posts: 9,795 Gold Crown
    Answer ✓

    when sensitive data is passed to parameters in the URL.

    Looks like they haven't done a test to see if they really can get "sensitive data". Are you passing sensitive information in a URL anywhere, or just a PK value like P10_ID:7208?

    Scott Wesley