Passing values between web applications

In my previous post, I discussed about passing value between pages in the application. How about if you want to send data another application? In continuation of my previous post, I will discuss about passing value between applications. To pass values between applications, most common and widely mechanism is using query string.

WebApp1::FirstForm.aspx.cs Response.Redirect("http://localhost/WebApp2/SecondForm.aspx?Parameter=" + TextBox1.Text); 
WebApp2::SecondForm.aspx.cs TextBox1.Text = Request. QueryString["Parameter"].ToString();

As I also discussed in the same post, there are some constrains of using this query string.

First issue, you cannot pass value more than maximum allowed characters (ie. 2083 characters) in the URL. If previous page passes value larger then maximum allowed characters, your target application will crash as IIS can not handle URL of larger size.

Second issue, as I discussed before, values passed through the query string are exposed to the user through address bar of the browser. So, you must have to take care of validating those values after fetching from Request object in your target application. Of course, you can also encrypt query string to address this issue.

And third issue, you also have to take care of special characters in passed in the parameters.

My work around to address this kind of situation is passing value through post form to target application using Javascript. It is just like third method of passing values in my previous post.

To explain the work around, we will create a web application with name "WebApp1". It will have a web page "FirstForm.aspx", which will also responsible to get input from the user and post the form to another page.

WebApp1::FirstForm.aspx.cs

private void Page_Load(object sender, System.EventArgs e)
{
    buttonPassValue.Attributes.Add("onclick", "return PostPage();");
}

And we create a javascript function to post the form.

WebApp1::FirstForm.aspx

<script language=javascript>
function PostPage()
{
    document.Form1.action = "http://localhost/WebApp2/SecondForm.aspx";
    document.Form1.method = "POST";    
    document.Form1.submit();
}
</script>

Please note that As explicit URL of the target application in the action property. We are simply posting the form of current page to the page of another web application.

WebApp2::SecondForm.aspx.cs

if (Request.Form["TextBox1"]!=null)
    TextBox1.Text = Request.Form["TextBox1"].ToString();
    

Please note that you also have to set EnableViewStateMac property as false in WebApp2::SecondForm.aspx page, otherwise, you will get "The viewstate is invalid for this page and might be corrupted." error.

WebApp2::SecondForm.aspx

<%@ Page language="c#" Codebehind="SecondForm.aspx.cs" AutoEventWireup="false" Inherits="WebApp2.WebForm1" EnableViewStateMac=false %>

When user click on the "buttonPassValue" button of WebApp1::FirstForm.aspx page, form will be submitted to the page of another application WebApp2::SecondForm.aspx where the value of TextBox1 is fetch from the Request object.

Major benefit of this method compared to passing through query string is that your application will no long work under the constraint of maximum allowed characters in the URL. With that, pass value will not exposed to user in browser navigation after navigating to next page. Though, I do recommend you should validate any data pulling from Request object, as it may possible to temper with form data before posting in previous application.