Redirect to another URL without showing the parameter (not want to pass as query string)

Hello    I am using IFrame control to redirect to another application URL. I need to pass some parameter like app code and current logged in user details. But I don't want to add it in URL as 'baseURL?param1=A?param2=B’ as it is visible in developer tool. And the application will be not secured.  What is another way I can use in Mendix so that I can pass the parameter and they are not visible.   Thanks , Madhusudan
2 answers

Is the Iframe calling an external site?

If it is, we solved this by getting our Mendix app to pass the data over to the external site using a server side REST or SOAP call. The remote app then stores this data and returns us a deeplink with a GUID. We use this deeplink as the Iframe src. When the external app receives a call to this URL it can access the data that was passed behind the scenes. The data does not appear in the users devtools, just the GUID which can be easily expired by the external app.

Hope this helps.


If you do not know how your security works, you are asking the wrong question. From your initial description, and your comment, it seems the security of your Mendix application is severely lacking: you have not configured security strictly enough and instead you rely on ‘security through obscurity’ – which is a bad practice.

It seems that data is accessible without the need to authenticate (i.e. you have enabled anonymous users and they can access data). If this is the case, anyone who know the URL of your application has access to all data such an anonymous user has access to: someone with enough Mendix experience can access the data, either through Mendix's REST API or through accessible microflows. You can test this by adding the SecurityInspector widget from the AppStore to a page an anonymous user has access to.

Based on this, I would advice you to review your security configuration and implement authentication. Your choice of authentication will dictate how you are able to secure your iFrame.