Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Hiding the Query String

Posted on 2004-08-26
17
Medium Priority
?
1,335 Views
Last Modified: 2010-04-01
hi Experts,
              I have a JSP page that reads parameters out of the Query String.  i have some hyperlinks in my page with poing to the same page , each with its own set of Query parameters.. SO each time the Query Parameters are read and i display data based on the Query Parameters..I have 6-7 Parameters that gets displayed on the Query String..

My URL after 2-3 submits looks like this..

http://localhost/My JSP Project/My_JSP_Page.jsp?TableName=ALL_GLOBAL_USERS&REQUESTED_Field=Assignments&OrderBy=EmployeeId etc etc..

Now it there a way by which i can Mask the URL and prevent it from displaying all the  query parameters ???

Thanx in Advance..

newBie Web Programmer.
0
Comment
Question by:FearFactor_x
  • 7
  • 4
  • 2
  • +3
17 Comments
 
LVL 2

Expert Comment

by:k41d3n
ID: 11903261
what method are you using to submit?

if your variables are defined via from fields, and you are clicking a submit button, you should be able to define the <form> method as post, then your variables shouldn't show up.

0
 
LVL 28

Expert Comment

by:rrz
ID: 11903266
Use post method instead of get method for your form.
0
 
LVL 28

Expert Comment

by:rrz
ID: 11903285
Sorry, k41d3n, I didn't see your comment.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:FearFactor_x
ID: 11903360
hi Experts,
              I am not using any Forms Or submitting anything.. i am using HyperLInks inside my Page.. and the href attribute of the HyperLink has my page.jsp?<Query Parameters..> .. I populate the Query Parameters Dynamically i have around 20-30 Hyperlinks and when each one is clicked.. and when the page gets loaded i read the parameters off the Query String and then do what is necessary...  In such a case how do i mask the query parameters..??

NewBie Web Programmer

0
 
LVL 2

Expert Comment

by:k41d3n
ID: 11903406
Do the hyperlinks lead to something? or is it more like making selections? In which case you could change them to check boxes and a submit button. Barring that, links use the get method, you might be able to use a javascript function to switch the method to post on click, but that's sketchy.

0
 
LVL 19

Accepted Solution

by:
ramazanyich earned 200 total points
ID: 11903462
In that case create a form with hidden parameter named 'query' and on href of link call javascript function which will first set value for query and call submit() to the form. On form use method="POST". On your JSP page get parameter 'query' using call:
String query=request.getParameter("query");
and parse that STring as you did previously.

Example:
<html>
<script language="JavaScript">
function ss(String param){
document.test.query.value=param;
document.test.submit();
}
</script>
<body>
<a href="javascript:ss('param=value&...')> Click me</a>
<form name="test" method="POST" action="">
<input type="hidden" name="query" value=""/>
</form>
</body>
</html>
0
 
LVL 2

Expert Comment

by:k41d3n
ID: 11903492
Something like:

<a href="page.jsp?q=1&b=3" onClick="javascript:document.links.method=\"get\"">Text</a>

That isn't tested and most likey will not work ;)
0
 

Author Comment

by:FearFactor_x
ID: 11903496
hi k41d3n,
              The links that i use are numbers which get populated at runtime.. Here is a snapshot of my code

<%

 hrefText="MyPage.sjp?TableName="+TableNametoQuery+"&UserID+"?REQUESTED_Field=" +RequestedField+"&ORDER_BY="+OrderByColumnName;
OptionSelect=// I assign some value to this.... that

%>

and

 <td height="50%"><span class="style31 style6"><a href="<%=hrefText%>"><%=OptionSelect%> < /a></span></td>


So this being the secnario.. how do i mask my Query String parameters..
0
 
LVL 2

Expert Comment

by:k41d3n
ID: 11903582
You can try ramazanyich's idea, or you can make your options in a form. Like a drop down box or a list of checkboxes that are part of a form with the method of post.

You are going to have to incorporate it into a form either way to mask the URL params.

0
 
LVL 19

Expert Comment

by:ramazanyich
ID: 11903591
As I suggested you code will not change a lot.
it will be following changes:
<td height="50%"><span class="style31 style6"><a href="javascript:ss('<%=hrefText%>'"><%=OptionSelect%> < /a></span></td>
0
 
LVL 2

Expert Comment

by:k41d3n
ID: 11903698
You couls also set the variable into the session using a token:

<%
String OptionSelect = "Text";
String queryString = "MyPage.sjp?TableName="+TableNametoQuery+"&UserID+"?REQUESTED_Field=" +RequestedField+"&ORDER_BY="+OrderByColumnName+";  
String key = new Random().nextLong();  
session.setAttribute( key, queryString );
%>

<a href="<%= key %>"><%= text %>
0
 
LVL 2

Expert Comment

by:k41d3n
ID: 11903739
don't forget to import java.util.Random;
0
 
LVL 28

Expert Comment

by:rrz
ID: 11903836
>how do i mask my Query String parameters..  
Just don't send them. Just send OptionSelect.
<a href="<%=OptionSelect>"><%=OptionSelect%>
In your JSP use something like  
if(OptionSelect==1){use correct query string}
if(OptionSelect==2){use different query string}
if(OptionSelect==3){use third query string}
or if OptionSelect is a String
if("one".equals(OptionSelect)){use first query string}
if("two".equals(OptionSelect)){use second one}
rrz
0
 
LVL 2

Expert Comment

by:k41d3n
ID: 11904434
Yeah, I was wrong.

You can store the query string in the session with a random long, but when you pull it out and pring it out so that the string looks like the random then the URL tries to go to the random not the value of the random as set in the session.

I got nothin.
0
 
LVL 28

Expert Comment

by:rrz
ID: 11904760
><a href="<%=OptionSelect>"><%=OptionSelect%>
I was wrong.
I meant to post  
<a href="MyPage.sjp?opt=<%=OptionSelect>"><%=OptionSelect%>
and then use
String option = request.getParameter("opt");
if(option==null)option = "one";
if("one".equals(option)){use first query string}
if("two".equals(option)){use second one}
if("third".equals(option)){use third one}  
rrz

0
 
LVL 1

Expert Comment

by:matthew_york
ID: 11913313
How about something along these lines:

<% for (int i = 0; i < 10; i++) { %>
   <FORM name="form<%= i %>" method="post" action="this.jsp">
      <-- Values to be hidden -->
      <INPUT type="hidden" name="param" value="<%=i %>">
      <A onclick="document.form<%= i %>.submit()">Update Screen</A>
   </FORM>
<% } %>
0
 
LVL 1

Expert Comment

by:Lucky48390
ID: 11918910
Hey Fear Factor. While some might oppose the use of frames, the very simplest way to conceal when the request comes from a hyperlink is to use one.
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
There can be many situations demanding the conversion of Outlook OST files to PST format and as such, there is no shortage of automated tools to perform this conversion. However, what makes Stellar OST to PST converter stand above the rest? Let us e…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Screencast - Getting to Know the Pipeline

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question