1. Home
  2. Security
  3. Masking & Scrambling Sensitive Data

Masking & Scrambling Sensitive Data

When creating web applications, developers occasionally wish to hide, scramble or otherwise obfuscate data that is displayed on the page and/or sent via the URL. The main reason for this is that application developers need to protect the information being sent across the URL from being read by the end-user. An example of this would be in the medical field, where a developer would want to protect Patient Names (or other information) from being displayed in plain view.

Video Walkthrough

To mask characters within a particular field, open m-Painter and find the field you would like to mask. Right click on its cell, and select “Edit Cell HTML.” Replace ${row.FIELD} with ${maskright(row.FIELD,3)}. m-Power also supports masking the left portion of your field with maskleft, instead of maskright.
Be sure to replace row.FIELD with your FIELD name. The second parameter available tells m-Power how many characters you wish to display in clear/readable text.


To obfuscate URL parameters, open m-Painter and find the link you need to change. Find the parameter listed in your link, such as FIELD=${row.FIELD?url}. Modify the parameter, so it reads as: FIELD=${scramble(row.FIELD?url)}. Notice that the row.FIELD has been wrapped by scramble().

Please keep in mind that utilizing this obfuscate/scramble feature does not negate best security practices. mrc still encourages you to set up HTTPS protocol to protect data in-transit, as well as row level security so users can only access records that are pertinent to them.

Updated on May 19, 2023

Was this article helpful?

Related Articles

Need Support?
Can't find the answer you're looking for? Don't worry we're here to help!