Results 1 to 3 of 3

Thread: Hide information on the URL bar & the Explorer tab

  1. #1
    Join Date
    Apr 2009
    Thanked 0 Times in 0 Posts

    Default Hide information on the URL bar & the Explorer tab

    I have a question, which is asked from my client.

    "When browsing on any of our storefronts, the URL bar shows the full
    string of where the shopper is on the site, and the Explorer tab shows
    the HTML commands pertaining to the category description.

    Is there a way to disguise, hide, or shorten this information. It does
    not look good and does not feel very secure..."

    Can anybody provide some information on this?


  2. #2
    Join Date
    Mar 2006
    Illinois, USA
    Thanked 690 Times in 678 Posts


    The short answer is no, absolutely not. You must use a url that points to the page so removing that would lock all users to the homepage.

    The long answer is that you can work around this some and perhaps improve the look of the url.

    There are four possible ways to approach it:

    1. Attempt to use javascript to hide the url or display another address. This is all but impossible and even if it worked (hiding, not changing--that's impossible), then it would be very unreliable and only work in a few browsers.
    Don't bother with this.

    2. Use frames. This is an easy way to display the url of the homepage (or any page you'd like) that then contains a frame with the actual store or whatever else you'd like to display. The user can find the url being requested, but it won't be displayed anywhere directly.
    Frames are bad for a few reasons, though, so this is not an ideal solution.

    3. Use PHP or another serverside language to create a dynamic url.
    There are a number of approaches here, but basically you can use PHP to create a dynamic page that will serve various "surface level" pages to the user based on a few things.
    The most common is using "get" variables: page.php?id=7, where then the page called "7" in some list (on your server) would be displayed. This can be complex using just as much information as in your current urls: page.php?cat=software&product=something or you can simplify it somehow with abbreviated variables like id=7, etc.
    This won't "hide" the real url, but instead it will just make it look different. So the security of, for example, pasting the url to a friend won't change.

    4. Use .htaccess (mod_rewrite) to dynamically change the url:
    this is similar to PHP, but a little more complex to use. Basically it lets you program the server to take incoming requests of one sort and display pages of another sort based on rules. For example, you could replace all "1"s with "2"s in your urls:
    request: /page1.htm
    actual page served: /page2.htm
    the URL will read: /page1.htm
    And in this case "page1.htm" does not need to exist-- the server will just pretend that it does.
    So this could create a simplified url as well.
    But still like PHP above it's not possible to use this to hide the location so that people can't access it again.

    None of these methods can be used to "secure" the URL, just to change it.

    There is one final way you could consider, but be aware that this would be hard to setup (both programming and mostly logic), and it would limit users, for example in hitting the back button or reloading the page (possibly).

    Instead of using links on your website, use forms. This doesn't mean it can't be still "link" graphics (text that submits a form) or even that they need to fill in information in a form, but that instead you will have them actual submit data (behind the scenes) to the server.
    Then after this, the data can be stored in a session or cookie variable and you can act on that rather than on the URL.
    So to choose a product submit a form for that product. Then the SAME page loads, but since there is now post variable information that helps the server know what to do, the page will then display information about the product. If refreshed, the data can then have been stored in a session variable, you can do the same, etc.
    It's a very complex process and annoying because if someone bookmarks a product and returns at a later time they will instead get your homepage.

    So the bottom line is that your customer doesn't know enough about web design or web customers to understand that this is a terrible idea. Can you "do" it? No. Can you kinda "do" it and make it somewhat effective while not solving everything and possibly being awkward for the user? Yes.
    The simpler answer may be to simply rename all the folders to something shorter so the URL doesn't look as bulky. There's nothing wrong with doing that (but also no gain for 'security').
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  3. #3
    Join Date
    Apr 2008
    Thanked 516 Times in 502 Posts
    Blog Entries


    IMO, .htaccess (possibly combined with php) is the best way to get "pretty" urls. "Pretty" can mean the user will see instead of, or it could mean the user will see a made-up url (e.g., instead of the true location.

    More importantly, "pretty" means that it's all just skin-deep: looks better, but has no effect on function. The browser still knows where it's going (it has to), so the user can figure it out if they want to.

    Consider this:

    Trying to completely "hide" urls makes your site look sneaky, suspicious, and underhanded. You're telling the user to close their eyes and trust you, but there's something you don't want them to see.

    "Hiding" urls, etc. doesn't really work, so it doesn't make your site "more secure" in any way. In fact, knowing their location on your site actually helps keep your users "safe," in that they can more easily tell when something is wrong.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts