Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    New to the CF scene
    Join Date
    Aug 2009
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts

    How to hide the Real URL on Browser

    Hi

    How to hide the real url and dispaly to specific url on a website.
    i.e. http://www.myapp.com/information.jsp is real url and want to dispaly http://www.myapp.com/ URL on browser.
    I will display as static URL instaead of real url.

    Please give an idea sugegstion how to do this bcoz I m new in JS.

    Thanks
    Lalit
    Last edited by imlalit; 08-03-2009 at 10:21 AM.

  • #2
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    18,079
    Thanks
    203
    Thanked 2,542 Times in 2,520 Posts
    What possible legitimate reason do you have for wanting to do this?

    This is not possible because this can cause a huge security risk for users of your website. The browser can not display anything in the address bar other then the URI of the document loaded into the window. Someone could easily set up a phishing website for Paypal, and modify the url to say Paypal.com instead of whatever false url they were using before.


    A teacher informed my son that "There are two words which you should never use in school homework - one is cool and the other is gross". "No problem", replied the boy, "What are the two words?"
    Last edited by Philip M; 08-03-2009 at 11:12 AM.

  • #3
    Kor
    Kor is offline
    Red Devil Mod Kor's Avatar
    Join Date
    Apr 2003
    Location
    Bucharest, ROMANIA
    Posts
    8,478
    Thanks
    58
    Thanked 379 Times in 375 Posts
    if you use Apache - You may do that on using htaccess

    See also: http://en.wikipedia.org/wiki/Rewrite_engine

    Philip M, I think imlalit wants simply to mask the hash in order to make it human readable : for instance instead of

    http://www.mysite.com/index.php?products=foo

    to have

    http://www.mysite.com/Products/Foo
    Last edited by Kor; 08-03-2009 at 11:16 AM.
    KOR
    Offshore programming
    -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

  • #4
    New to the CF scene
    Join Date
    Aug 2009
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi
    For security reason I have to dispaly same url in all pages when user open anyone page on website.
    I need a scrpit and it will be run on every jsp page of the website.


    Kor you are right

    and We are using Sun One Application Server.

    is it possible?

    thanks
    lalit
    Last edited by imlalit; 08-03-2009 at 11:21 AM.

  • #5
    Supreme Master coder! abduraooft's Avatar
    Join Date
    Mar 2007
    Location
    N/A
    Posts
    14,861
    Thanks
    160
    Thanked 2,223 Times in 2,210 Posts
    Blog Entries
    1
    For security reason I have to dispaly same url in all pages when user open anyone page on website.
    I need a scrpit and it will be run on every jsp page of the website.
    There is no way to hide the url of a page from an experienced user, though you may deceive an inexperienced user with the help of frames.

    If you think, your pages are not secure, fixing the security holes is the only effective way. Or you may need to keep them on your computer, without publishing on the Internet.
    The Dream is not what you see in sleep; Dream is the thing which doesn't let you sleep. --(Dr. APJ. Abdul Kalam)

  • #6
    Kor
    Kor is offline
    Red Devil Mod Kor's Avatar
    Join Date
    Apr 2003
    Location
    Bucharest, ROMANIA
    Posts
    8,478
    Thanks
    58
    Thanked 379 Times in 375 Posts
    Yeap. abduraooft is right. What I wanted to say is that you may mask the URL, but you can not really hide it.
    KOR
    Offshore programming
    -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

  • #7
    New to the CF scene
    Join Date
    Aug 2009
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    how to protect the URL over internet?
    is there any solution for that?

  • #8
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    18,079
    Thanks
    203
    Thanked 2,542 Times in 2,520 Posts
    Quote Originally Posted by imlalit View Post
    how to protect the URL over internet?
    is there any solution for that?
    Don't really understand "protect the URL over internet", but if you mean prevent people accessing it, the answer is No.

  • #9
    Kor
    Kor is offline
    Red Devil Mod Kor's Avatar
    Join Date
    Apr 2003
    Location
    Bucharest, ROMANIA
    Posts
    8,478
    Thanks
    58
    Thanked 379 Times in 375 Posts
    Protect from what? Why do you need to "protect" an URL?
    KOR
    Offshore programming
    -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

  • #10
    New to the CF scene
    Join Date
    Aug 2009
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Our Client had done the security audit of their website and directory listing found in security audit so now they want to hide the directory listing from URL.

    so what is the solution?

  • #11
    Supreme Master coder! Philip M's Avatar
    Join Date
    Jun 2002
    Location
    London, England
    Posts
    18,079
    Thanks
    203
    Thanked 2,542 Times in 2,520 Posts
    If you have a directory without the standard index.html in, such as an images folder, and you want to hide the Apache directory listing where all files are displayed, then put the following into a .htaccess in the folder. This will disable the listing and just tell the user they dont have access (although they can access files if they know the filename!)

    Code:
    Options -Indexes

  • #12
    Kor
    Kor is offline
    Red Devil Mod Kor's Avatar
    Join Date
    Apr 2003
    Location
    Bucharest, ROMANIA
    Posts
    8,478
    Thanks
    58
    Thanked 379 Times in 375 Posts
    In other words, you can prevent the user to open the directory, but you can not prevent him to open a file, if he knows the name of the file. Exceptions are the "pure" server-side files, which can be protected either using .htaccess or by different other techniques. I confess I don't know JSP (I could have shown you some in PHP), but you may put this question in JSP Forum:

    http://codingforums.com/java-jsp/
    KOR
    Offshore programming
    -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

  • #13
    Senior Coder rnd me's Avatar
    Join Date
    Jun 2007
    Location
    Urbana
    Posts
    4,371
    Thanks
    11
    Thanked 591 Times in 572 Posts
    Quote Originally Posted by imlalit View Post
    Our Client had done the security audit of their website and directory listing found in security audit so now they want to hide the directory listing from URL.

    so what is the solution?

    simple as pie:
    save this code as index.html and place it inside the directory to be blocked:
    Code:
    <h1>403</h1>
    don't forget to check webDAV settings, they can list files also...
    my site (updated 13/9/26)
    BROWSER STATS [% share] (2014/9/03) IE7:0.1, IE8:4.6, IE11:9.1, IE9:3.1, IE10:3.0, FF:17.2, CH:46, SF:11.4, NON-MOUSE:38%

  • #14
    New to the CF scene
    Join Date
    Aug 2009
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    It is not correct. Directory listing pattern is ocurring as www.myapp.com/rite/pre/information.jsp in address bar of browser.And Want to dispaly only www.myapp.com in address bar instead of www.myapp.com/rite/pre/information.jsp

    User is not opening the directory on server. User is accessing only the website.
    Web site is publically and every one access the site whomever interested on it. We can't refuse to user to access the site. We want to disbale the real url.

    We are using Sun One Application Server 2004Q7 for website.

    pls give ideas

  • #15
    Kor
    Kor is offline
    Red Devil Mod Kor's Avatar
    Join Date
    Apr 2003
    Location
    Bucharest, ROMANIA
    Posts
    8,478
    Thanks
    58
    Thanked 379 Times in 375 Posts
    Anyway, that is not a javascript issue, thus I have moved your thread into the JSP Forum
    KOR
    Offshore programming
    -*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •