jQuery: protecting sensitive data in AJAX requests

In jQuery we can try to make it harder to read sensitive data passed along with an AJAX request.

On the client side we can use JavaScript's btoa() function to encode strings in Base64.


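$( "#contact-form" ).on( "submit", function( e ) {
    e.preventDefault();
    var data = {
        name: $( "#name" ).val(), // sent as plain text
        // btoa() accepts only characters up to U+00FF and throws on anything else
        email: btoa( $( "#email" ).val() ), // Base64 encoding
        message: btoa( $( "#message" ).val() )
    };
    $.post( "/contact", data, function( response ) {
        // Handle the server response here
    });
});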

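On the server side we can decode the Base64-encoded strings before processing the data further. Note that this is a weak solution: Base64 is a reversible encoding that uses no key, so anyone who can see the request can decode it. A stronger solution would be to articulate our request in several steps and also create our own encoding algorithm instead of relying solely on Base64 encoding. Keep in mind that any encoding implemented in client-side JavaScript can be read and reversed by whoever inspects the page, so the request should still travel over HTTPS.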
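
The server-side decoding step described above, as an added example that is not part of the original post. It assumes a Node.js handler that receives the form-encoded body sent by $.post(); decodeField(), parseContactBody() and the size limit are hypothetical.

```javascript
// Added example, not from the original post. Assumes a Node.js server;
// decodeField() and parseContactBody() are hypothetical names.

const MAX_FIELD_BYTES = 4096; // assumed per-field limit
// Canonical Base64 only: standard alphabet, correct length and padding.
const BASE64_RE = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;

// Reverses the client's btoa(). No key is involved, which is why the
// encoding alone gives no confidentiality.
function decodeField(value) {
  if (typeof value !== "string") return null;
  if (value.length > 4 * Math.ceil(MAX_FIELD_BYTES / 3)) return null;
  // Buffer.from() silently skips invalid characters, so check the input first.
  if (!BASE64_RE.test(value)) return null;
  // btoa() emits one byte per character (U+0000 to U+00FF), i.e. Latin-1.
  return Buffer.from(value, "base64").toString("latin1");
}

// rawBody is the application/x-www-form-urlencoded body sent by $.post().
function parseContactBody(rawBody) {
  const params = new URLSearchParams(rawBody);
  const email = decodeField(params.get("email"));
  const message = decodeField(params.get("message"));
  if (email === null || message === null) {
    return { ok: false, error: "email and message must be valid Base64" };
  }
  // The decoded values are raw user input again: validate before use.
  if (!/^[^\s@]+@[^\s@]+$/.test(email)) {
    return { ok: false, error: "invalid email address" };
  }
  return { ok: true, fields: { name: params.get("name") || "", email, message } };
}

// Constructed sample body: name=Alice, email and message Base64-encoded.
const SAMPLE_BODY = "name=Alice&email=YWxpY2VAZXhhbXBsZS5jb20%3D&message=SGVsbG8h";
console.log(parseContactBody(SAMPLE_BODY));
```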