I have a situation wherein I need to encrypt a query string in JS so that it becomes unreadable and decrypt in a Generic Handler. Can you gimme some links for this ?
Can you suggest some other method to this?
I've seen the method applied to a lot of sites
www.somesite.com/SomeHandler.ashx?QueryStringData=ghsgysghetwRFDTVW5632
If you need to transmit sensitive data over a potentially insecure network (such as a public WiFi access point), use HTTPS. It takes care of encrypting the data, and, more importantly, also ensures that other parts of the communication (such as JavaScript code sent from the server) are not tampered with.
If you don't use HTTPS, doing any sort of encryption in JavaScript will always be insecure, since a middle-man attacker can just modify the script sent to the browser. If you do use HTTPS, there's generally no need to do crypto in JavaScript, since the transport layer already encrypts all data sent to and from the server.