Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Hide a URL

Posted on 2006-05-31
17
Medium Priority
?
1,069 Views
Last Modified: 2012-06-22
I need to give a user access to a website but attempt to hide the url of that site from them.  I have tried using frames but it does not work.  I believe it is because the site is redirecting to another site and killing the frames.  I am unsure of where or how because the address appears to be the same.  Perhaps they are also hiding a url.  I don't know.  Any ideas?
0
Comment
Question by:purfus
  • 4
  • 3
  • 2
  • +6
16 Comments
 
LVL 30

Expert Comment

by:Irwin Santos
ID: 16804744
how about create a window without the tool bar?
window.open(URL,name,options)
-------------------------
////the options include
toolbar =yes/no
location =yes/no
directories =yes/no
status =yes/no
menubar =yes/no
scrollbars =yes/no
resizable =yes/no
width =nubmer of pixels
height =number of pixels


Here is a sample:
window.open ("windowname.html", "windowname", "width=700,height=500,status=no,menubar=no,scrollbars=no,resizable=no,toolbar=no,location=no")
0
 
LVL 20

Expert Comment

by:Gawai
ID: 16804850
u can use either irwinpks method try iframe

<iframe src="page.htm" FRAMEBORDER="0" SCROLLING="NO" MARGINHEIGHT="0" MARGINWIDTH="0" HEIGHT="500" WIDTH="500"></iframe>
0
 
LVL 12

Expert Comment

by:UnexplainedWays
ID: 16804907
Why not just use frames, with one one frame?


----yoursite.com----
| ----hiddensite----|
|                         |
|                         |
|--------------------|
|--------------------|


Any links within that frame must be done via javascript.  Othrewise they can "open in new window" and get the url easy.  And in that javascrip,t you have to tell it which frame you want to change, so that they are forced to have a frame.

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 10

Expert Comment

by:ISoul
ID: 16805470
0
 
LVL 30

Expert Comment

by:callrs
ID: 16806033
"Accepted Answer from AdrianF   Date: 06/13/2000 07:02AM EDT    Grade: A       Accepted Answer  

There is NO way to hide the URL.  If the browser needs to request the page it needs to know the URL.  If the browser knows the URL then *I* know the URL.  There are workarounds and tricks but NONE of them work 100%.

The only way to give data to the server that the client can't see is to POST a form, transfer the data in cookies or the Session object.

It may not be the answer you want, but there is NO way to hide the URL, live with it. "

-from http://www.experts-exchange.com/Web/Web_Languages/ASP/Q_10429280.html?query=hide+a+url&clearTAFilter=true     Active Server Pages (ASP): Hide URL

----------
"Accepted Answer from jaysolomon ...."
"Comment from jaysolomon   Date: 04/03/2003 09:43AM EST         Comment  

there is no way to hide the url in the title bar. that is like a built in feature if you will and there is nothing we can do about it.

The only thing you can do is have a pop up like i did and not show the address bar."\

- From http://www.experts-exchange.com/Web/Web_Languages/JavaScript/Q_20572933.html?query=hide+a+url&clearTAFilter=true     JavaScript: Hide the url

(The above link shows way to hide address bar)

--------

My comment: Even if you succeed in hiding the url, it's easy for the user to write a script to extract the url from the page displayed in a browser. E.g. this simple script, in a program called Quick Macros, will store the url into a variable called 'url' for an IE window that has handle 'w':
Htm el=htm("" "" "" w 0 0 0x20); str url=el.DocURL
0
 
LVL 30

Expert Comment

by:callrs
ID: 16806166
While this http://www.experts-exchange.com/Web/Web_Languages/JavaScript/Q_20306262.html  JavaScript: Hide the URL
Just says "You could use frames and redirect one of the frames"
This http://www.experts-exchange.com/Web/Q_21411247.html     Web Development: hiding exact url
Has 2 other answers: using IFRAME, and includes
0
 
LVL 25

Expert Comment

by:SStory
ID: 16807366
There is an interesting way of providing a URL.  www.desaware.com offers a product that says it allows you to specify a link and how long it is valid or how many times it can be accessed or by only one IP, etc.  

What I imagine they are doing is generating a fake URL and evaluating the incoming request for the page and taking the known invalid part, looking it up in a database and returning the appropriate information.  There is an article on doing things like this in a book by Stephen Walther ASP.NET Unleashed (2nd Ed.) I believe.

For example:

You offer your site to clients like:  www.mysite.com/JohnDoe

John Doe thinks it is cool that you have a page dedicated to him, but the page really doesn't exist and if you desired could be a page that always changed....I'm not sure if you could use this somehow to your advantage or not--it depends upon what you are trying to accomplish. (unless the link changed continuously (being a fake link), then if one person knows it could be reused.)

HTH

Shane
0
 
LVL 9

Accepted Solution

by:
smidgie82 earned 2000 total points
ID: 16807369
All the answers above are right.  For the browser to open the page, it has to know the URL to request.  The entire request can be seen using any number of tricks (macros, the LiveHttpHeaders module for FireFox, or even snooping web traffic via Ethereal (assuming it's not a secure connection)).  Ditto for the response headers, which contain the URL of the page.  The bottom line is that you CAN'T hide the URL from an experienced, knowledgable user.  An expert, if you will.  (c:

However, there is a way to obfuscate URL's a little bit, but it's only worth doing if you just want to be able to prevent people from requesting or linking to pages directly.  One solution is to go through a "proxy" page.  For instance, you set up a page, call it index.php.  All the links in page index.php are links to something like "index.php?pageid=deadbeef0123456789."  Each time index.php is loaded, it queries a database for the filename of the page with id deadbeef0123456789, and sends that data to the client.  But first, it checks to make sure the client has been authenticated, via a session id or such.  It's impossible to hide the URL of the request (i.e., index.php?pageid=deadbeef0123456789), but the URL of the file that actually holds the information will thusly be completely hidden from prying eyes.

But it's really kinda pointless, I think.  There are much better ways to handle authentication, and no way to hide the request URI from the client, so it's really a lost cause, and should only really even be considered for aesthetic reasons (e.g., do a rewrite to replace an ugly URI containing lots of GET variables with a nice clean URI, or hide it completely in a FRAME).
0
 
LVL 10

Expert Comment

by:ClickCentric
ID: 16811037
What it comes down to is that the few ways there are to do it aren't worth the trouble of doing them.  "proxy" pages are about the only definitive way, but while simple in concept, actual implementation oftern turns quite complex.  That is, unless you control the host that the domain of the url you're trying to mask exists on...then apache can do some interesting things.
0
 
LVL 25

Expert Comment

by:SStory
ID: 16820387
Truth, is, as mentioned,  you would be as well off if anyone knew the IP, but everyone was challenged by username password (on an SSL encrypted link) before allowed to get to the link, this should do what you probably want.
0
 
LVL 9

Expert Comment

by:smidgie82
ID: 16989986
I think a delete - no refund, since the experts received zero feedback from the asker to determine if the comments answered the question to his satisfaction.  However, I think a split could be appropriate, as well, since IMO the correct answer is "it's not possible," and that answer was given several times.
0
 
LVL 30

Expert Comment

by:callrs
ID: 16990210
Don't delete. Makes a good reference, with or without an accept.
0
 
LVL 30

Expert Comment

by:Irwin Santos
ID: 16997580
@purfus...did you ABANDON us?
0
 
LVL 3

Author Comment

by:purfus
ID: 17027271
Thx all, sorry I had forgot I left this open and havn't had any experts browsing time in a while.  All of them are great answers.  I actually found an alternative solution to my problem.  My goal wasn't to hide the server but to hide the url my provider was sticking in.  Going to the default port for plesk on my server would do a redirect to some script on my provider's servers which would then do something to serv up the plesk admin panel.  Well this would give my clients the web page of my provider which obviously offers cheaper hosting and even pushes small shared hosting services.  Not that I'm ripping my clients or anything but I can't really compete with my distributer so I figured it would be best not to give them their address...  Long story short I found out how to bypass that redirect and leave everything on my domains.  As for the above, I just accepted the most intriguing answer, not that the rest weren't interesting.
0
 
LVL 30

Expert Comment

by:callrs
ID: 17027272
Quote: smidgie82:>>All the answers above are right. >>However, I think a split could be appropriate

Split was recommended even by the expert you've awarded...
0
 
LVL 25

Expert Comment

by:SStory
ID: 17042119
I have found a better way to do this, but since the question is closed....
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Australian government abolished Visa 457 earlier this April and this article describes how this decision might affect Australian IT scene and IT experts.
This video teaches users how to migrate an existing Wordpress website to a new domain.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses
Course of the Month20 days, 23 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question