Quoting shankarr <[EMAIL PROTECTED]>: > Hi! > > Thanks for the response. > http://localhost:8081/log4jdemo/loginScreen.do is what I see in my url. > I would like to keep this a constant at http://localhost:8081/log4jdemo > only. > I am using both a href and html:link. > > But, even in cases where i use direct action like /loginScreen.do, on > invoking the action, i.e clicking a button, > i get the full path in the url. >
As others have suggested, using frames is an easy way to leave a constant URL showing in the location bar. It works even if you have a <frameset> with only one frame in it. Another alternative would be to use a little JavaScript to open a window that does not have a location bar, and run your app there. > This exposes the data to the hackers and will be a big issue in deployment. > I hope you understand that neither of the above techniques, nor pretty much any other hiding technique, will do the slightest bit of good at protecting knowledge of the URLs being used from hackers? The client browser (or application, since hackers have been known to write HTTP client apps that try to act like a browser) sees all the real URLs. So will anyone who can do a View Source on the actual HTML. Controlling the URL in the location bar for aesthetic reasons is fine. Assuming that this would improve the security of your application is a bad mistake. > Any help will be appreciated. > > Richie > Craig McClanahan --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
