The value of ViewState is Base64-encoded. It is not encrypted by default and can be read easily.
The value of ViewState can be encrypted. First, make sure that EnableViewStateMac of the Page is set to true, and then configure machineKey in machine.config.
The default machineKey in machine.config:
<!-- validation="[SHA1|MD5|3DES]" -->
<machineKey
    validationKey="AutoGenerate,IsolateApps"
    decryptionKey="AutoGenerate,IsolateApps"
    validation="SHA1"/>
You can modify machineKey to use a particular encryption method. Note: encryption is performed at the machine level and consumes system resources.
I have not tested ViewState encryption.
You can use a browser to obtain the content of the hidden ViewState field. The following code can be used to parse it:
private string Base2String(string message)
{
    // Decode the Base64 text back into raw bytes
    byte[] by = System.Convert.FromBase64String(message);
    // Interpret the bytes as ASCII text
    string dest = System.Text.Encoding.ASCII.GetString(by);
    return dest;
}
// If the value of ViewState is "dDw5NDA0MTAzOTY7dDxwPGw8cGFzczs + O2w8RmlzaDs + signature + ";
string source = "dDw5NDA0MTAzOTY7dDxwPGw8cGFzczs + O2w8RmlzaDs + signature + ";
Response.Write(Base2String(source));
We can obtain:
t<940410396;t
;l>;;>;l<_ctl0;check;_ctl1;_ctl2;_ctl3;cb;>>
Here, cb refers to the dynamically generated CheckBox controls. A total of five CheckBoxes are generated dynamically. check is the ID given to the second dynamically generated CheckBox; no IDs are specified for the others.
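The following is an added example, not code from the original article: a Python audit helper that parses decoded text of the kind shown above into a tree and reports whether bytes follow the outer element, which is where a validation MAC would sit when EnableViewStateMac is on. The tag meanings (t, p, l, i), the backslash escape rule, the 16/20-byte trailer sizes for MD5/SHA1, and all sample values are assumptions or constructed for illustration.

```python
import base64

# Assumed 1.x tags (simplified): t<..> Triplet, p<..> Pair, l<..> list, i<..> int
KINDS = {"t": "Triplet", "p": "Pair", "l": "List", "i": "Int"}
MAC_BY_LEN = {0: "none", 16: "MD5", 20: "SHA1"}  # assumed trailer sizes

def parse(s, i=0):
    """Parse one element at s[i]; return (node, index just past it)."""
    if s[i] in KINDS and s[i + 1:i + 2] == "<":
        kind, items, i = KINDS[s[i]], [], i + 2
        while True:
            if i >= len(s):
                raise ValueError("unterminated element")
            if s[i] == ">":
                return (kind, items), i + 1
            node, i = parse(s, i)
            items.append(node)
            if i < len(s) and s[i] == ";":
                i += 1
    atom = []
    while i < len(s) and s[i] not in ";>":
        if s[i] == "\\" and i + 1 < len(s):  # backslash escapes the next character
            i += 1
        atom.append(s[i])
        i += 1
    return "".join(atom), i

def inspect_viewstate(b64_value):
    """Report whether a __VIEWSTATE value is readable text and what follows it."""
    raw = base64.b64decode(b64_value)
    text = raw.decode("latin-1")  # 1:1 byte mapping keeps offsets valid
    if not text.startswith("t<"):
        return {"readable": False, "tree": None, "mac": "unknown"}
    tree, end = parse(text)
    return {"readable": True, "tree": tree,
            "mac": MAC_BY_LEN.get(len(raw) - end, "unknown")}

# Constructed sample values (not captured from a real application)
BODY = b"t<940410396;p<l<key;>;l<value;>>;l<_ctl0;check;cb;>>"
SAMPLE_NO_MAC = base64.b64encode(BODY).decode()
SAMPLE_WITH_MAC = base64.b64encode(BODY + bytes(20)).decode()  # 20 placeholder bytes

if __name__ == "__main__":
    for name in ("SAMPLE_NO_MAC", "SAMPLE_WITH_MAC"):
        result = inspect_viewstate(globals()[name])
        print(name, result["readable"], result["mac"], result["tree"])
```

A result of readable=True with mac "none" means the field can be both read and altered by the client without detection; readable=True with a trailer means it is tamper-evident but still not confidential.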
To perform the preceding operations in the Page code-behind, you need to override SavePageStateToPersistenceMedium():
// Requires: using System; using System.IO; using System.Text; using System.Web.UI;
protected override void SavePageStateToPersistenceMedium(object viewState)
{
    // Call the base class method to complete the basic operations
    base.SavePageStateToPersistenceMedium(viewState);
    // Obtain the Base64 value of ViewState
    LosFormatter format = new LosFormatter();
    StringWriter writer = new StringWriter();
    format.Serialize(writer, viewState);
    string vsRaw = writer.ToString();
    Response.Write("ViewState Raw:" + Server.HtmlEncode(vsRaw));
    // Parse the content
    byte[] buffer = Convert.FromBase64String(vsRaw);
    string vsText = Encoding.ASCII.GetString(buffer);
    Response.Write("ViewState Text:" + Server.HtmlEncode(vsText));
}
Obtaining the value of ViewState can help you understand the purpose and function of ViewState. After all, the StateBag in ViewState can store page-level variables and send them through PostBack.