[jQuery] Re: Is it possible to hide the destination URL of a link?
You can't fake URLs. If you could, you could make a link that reads http://www.google.com link pointing to your personal page (or worse). Is it a problem that it's obvious it's a delete request? Isn't that what the user wants? You should use a form for that, where you can have the ID for deletion in a hidden (or visible) field and provide a nice and clean button for the action. (and you're missing a return false in your ajax attempt, without it the link is followed after the click event handler executes) On Jul 30, 8:49 pm, Anoop kumar V anoopkum...@gmail.com wrote: I have a menu, on which is a delete link. The URL of the link is quite plain:http://mysite.com?delete=trueid=123 (quite obvious I think that the request is to delete the id=123) I wish to hide the destination URL in the browser from the user - so that it shows a harmless url like:http://mysite.com?#or similar. The reasons are more aesthetic than anything else. Also the other advantage is once the user clicks on the link, and then hits on refresh, the request gets posted again and because the id=123 has already been deleted, it will just generate an error.. Does that make sense? I dont mind using ajax for this - but would love if I could get both options - ajax and non-ajax. Thanks, Anoop
[jQuery] Re: Is it possible to hide the destination URL of a link?
I think you could do something like the following:
a href=whatever you want in here class=id-123Delete/a
script type=text/javascript
$(a).click(function() {
var id = $(this).attr(class).split(-)[1];
this.href = /?delete=trueid= + id;
});
/script
But this isn't really the solution you want to go with.
Firstly, if you're using links to delete things, what happens if a bot
somehow gets into your site and starts clicking on all those links?
I've heard of people having there admin areas indexed by Google and
all sorts of hell breaking lose!
Make this sort of action happen via a POST request, not a GET.
If in your application deletions should only be done by certain
people, check this in your code before deleting.
Secondly, to solve the issue of a refresh happening and causing an
error, relocate back to the page after you have deleted the item.
You're right to be worried about this, I know that if I saw a URL
with ?action=deleteid=101 in, I'd be tempted to give ?
action=deleteid=102, ?action=deleteid=103, ?action=deleteid=104 a
try too! ;O)
On Jul 31, 12:49 am, Anoop kumar V anoopkum...@gmail.com wrote:
I have a menu, on which is a delete link. The URL of the link is quite
plain:http://mysite.com?delete=trueid=123
(quite obvious I think that the request is to delete the id=123)
I wish to hide the destination URL in the browser from the user - so that it
shows a harmless url like:http://mysite.com?#or similar. The reasons are
more aesthetic than anything else. Also the other advantage is once the user
clicks on the link, and then hits on refresh, the request gets posted again
and because the id=123 has already been deleted, it will just generate an
error.. Does that make sense?
I dont mind using ajax for this - but would love if I could get both options
- ajax and non-ajax.
Thanks,
Anoop
[jQuery] Re: Is it possible to hide the destination URL of a link?
In your server side i'll create an encripted string to avoid user edition in
the url. Looks like this:
http://mysite.com?delete=trueid=123encriptedURL=WXObT4eqDq+8iij5MksGDdaqhttp://mysite.com/?delete=trueid=123encriptedURL=WXObT4eqDq+8iij5MksGDdaq
encriptedURL variable contains the string delete=trueid=123 but in
encripted format.
After user click, your application will convert the query params and compare
with encriptedURL content. It's the same, ok? Otherwise display a message.
In ColdFusion I used this code to generate that encripted variable:
cfset yourURL = 'delete=trueid=123'
cfset yourURLEncripted = encrypt( yourURL, 'yourkey', 'CFMX_COMPAT',
'Base64' )
Cheers
Marco Antonio
On Fri, Jul 31, 2009 at 6:36 AM, Adrian Lynch adely...@googlemail.comwrote:
I think you could do something like the following:
a href=whatever you want in here class=id-123Delete/a
script type=text/javascript
$(a).click(function() {
var id = $(this).attr(class).split(-)[1];
this.href = /?delete=trueid= + id;
});
/script
But this isn't really the solution you want to go with.
Firstly, if you're using links to delete things, what happens if a bot
somehow gets into your site and starts clicking on all those links?
I've heard of people having there admin areas indexed by Google and
all sorts of hell breaking lose!
Make this sort of action happen via a POST request, not a GET.
If in your application deletions should only be done by certain
people, check this in your code before deleting.
Secondly, to solve the issue of a refresh happening and causing an
error, relocate back to the page after you have deleted the item.
You're right to be worried about this, I know that if I saw a URL
with ?action=deleteid=101 in, I'd be tempted to give ?
action=deleteid=102, ?action=deleteid=103, ?action=deleteid=104 a
try too! ;O)
On Jul 31, 12:49 am, Anoop kumar V anoopkum...@gmail.com wrote:
I have a menu, on which is a delete link. The URL of the link is quite
plain:http://mysite.com?delete=trueid=123http://mysite.com/?delete=trueid=123
(quite obvious I think that the request is to delete the id=123)
I wish to hide the destination URL in the browser from the user - so that
it
shows a harmless url like:http://mysite.com?#or
http://mysite.com/?#orsimilar. The reasons are
more aesthetic than anything else. Also the other advantage is once the
user
clicks on the link, and then hits on refresh, the request gets posted
again
and because the id=123 has already been deleted, it will just generate an
error.. Does that make sense?
I dont mind using ajax for this - but would love if I could get both
options
- ajax and non-ajax.
Thanks,
Anoop
[jQuery] Re: Is it possible to hide the destination URL of a link?
you can use post method to achieve it. http://docs.jquery.com/Ajax/jQuery.post On Fri, Jul 31, 2009 at 5:19 AM, Anoop kumar V anoopkum...@gmail.comwrote: I have a menu, on which is a delete link. The URL of the link is quite plain: http://mysite.com?delete=trueid=123 (quite obvious I think that the request is to delete the id=123) I wish to hide the destination URL in the browser from the user - so that it shows a harmless url like: http://mysite.com?# or similar. The reasons are more aesthetic than anything else. Also the other advantage is once the user clicks on the link, and then hits on refresh, the request gets posted again and because the id=123 has already been deleted, it will just generate an error.. Does that make sense? I dont mind using ajax for this - but would love if I could get both options - ajax and non-ajax. Thanks, Anoop
[jQuery] Re: Is it possible to hide the destination URL of a link?
Hi anoop I think you can store the required data in session. On Fri, Jul 31, 2009 at 5:19 AM, Anoop kumar V anoopkum...@gmail.comwrote: I have a menu, on which is a delete link. The URL of the link is quite plain: http://mysite.com?delete=trueid=123 (quite obvious I think that the request is to delete the id=123) I wish to hide the destination URL in the browser from the user - so that it shows a harmless url like: http://mysite.com?# or similar. The reasons are more aesthetic than anything else. Also the other advantage is once the user clicks on the link, and then hits on refresh, the request gets posted again and because the id=123 has already been deleted, it will just generate an error.. Does that make sense? I dont mind using ajax for this - but would love if I could get both options - ajax and non-ajax. Thanks, Anoop
[jQuery] Re: Is it possible to hide the destination URL of a link?
Yes - but I would not know the id until the user clicks on the link. There
are about 20 other links, each has an id. The user can hover on any link, a
pop up appears with the Delete link, clicking on it will call a URL which
is basically the same page (it is a jsp page) which see that the parameter
delete=true and based on that it knows that this is a delete request and the
id to delete is also passed to it.
To some extent I have figured out a way to hide the url. below is the jquery
code: I have bound the click event to the a element
var target = $(event.target);
if($(target).is(a))
{
if ($(target).text() == Delete)
{
var reg = $(this).find('.details input:first').val();
$.get(window.location + ?delete=trueid= + reg);
}
}
The problem I am facing now is that sometimes the page updates itself to
show the id that was deleted and sometimes even though the id was deleted,
the page does not reflect the deletion until the page is refreshed using F5.
Also I thought the $.get would be an async ajax request, but it seems the
whole page is hard refreshed (even though it seems useless because the id
deleted is still shown on the page, again - goes away after the manual F5).
I have just tried a lot of things using .load in the success, .ajax, .post
etc etc, but I have the same issue.
Thanks,
Anoop
On Fri, Jul 31, 2009 at 1:20 AM, rupak mandal rupakn...@gmail.com wrote:
Hi anoop I think you can store the required data in session.
On Fri, Jul 31, 2009 at 5:19 AM, Anoop kumar V anoopkum...@gmail.comwrote:
I have a menu, on which is a delete link. The URL of the link is quite
plain: http://mysite.com?delete=trueid=123
(quite obvious I think that the request is to delete the id=123)
I wish to hide the destination URL in the browser from the user - so that
it shows a harmless url like: http://mysite.com?# or similar. The reasons
are more aesthetic than anything else. Also the other advantage is once the
user clicks on the link, and then hits on refresh, the request gets posted
again and because the id=123 has already been deleted, it will just generate
an error.. Does that make sense?
I dont mind using ajax for this - but would love if I could get both
options - ajax and non-ajax.
Thanks,
Anoop
[jQuery] Re: Is it possible to hide the destination URL of a link?
you can also use form submit. onclick event you can reset the value of form
element and submit the form.
On Fri, Jul 31, 2009 at 11:02 AM, Anoop kumar V anoopkum...@gmail.comwrote:
Yes - but I would not know the id until the user clicks on the link. There
are about 20 other links, each has an id. The user can hover on any link, a
pop up appears with the Delete link, clicking on it will call a URL which
is basically the same page (it is a jsp page) which see that the parameter
delete=true and based on that it knows that this is a delete request and the
id to delete is also passed to it.
To some extent I have figured out a way to hide the url. below is the
jquery code: I have bound the click event to the a element
var target = $(event.target);
if($(target).is(a))
{
if ($(target).text() == Delete)
{
var reg = $(this).find('.details input:first').val();
$.get(window.location + ?delete=trueid= + reg);
}
}
The problem I am facing now is that sometimes the page updates itself to
show the id that was deleted and sometimes even though the id was deleted,
the page does not reflect the deletion until the page is refreshed using F5.
Also I thought the $.get would be an async ajax request, but it seems the
whole page is hard refreshed (even though it seems useless because the id
deleted is still shown on the page, again - goes away after the manual F5).
I have just tried a lot of things using .load in the success, .ajax, .post
etc etc, but I have the same issue.
Thanks,
Anoop
On Fri, Jul 31, 2009 at 1:20 AM, rupak mandal rupakn...@gmail.com wrote:
Hi anoop I think you can store the required data in session.
On Fri, Jul 31, 2009 at 5:19 AM, Anoop kumar V anoopkum...@gmail.comwrote:
I have a menu, on which is a delete link. The URL of the link is quite
plain: http://mysite.com?delete=trueid=123
(quite obvious I think that the request is to delete the id=123)
I wish to hide the destination URL in the browser from the user - so that
it shows a harmless url like: http://mysite.com?# or similar. The
reasons are more aesthetic than anything else. Also the other advantage is
once the user clicks on the link, and then hits on refresh, the request gets
posted again and because the id=123 has already been deleted, it will just
generate an error.. Does that make sense?
I dont mind using ajax for this - but would love if I could get both
options - ajax and non-ajax.
Thanks,
Anoop
