- From: Shelagh Power <s.power@syzygy.net>
- Date: Wed, 25 Oct 2000 12:33:55 +0100
- To: www-html@w3.org
>The answer is that it is fundamentally impossible >to do it, as users can view source or bypass the >browser. ..but what about technologies such as .jsp where you can assign variables to page names and therefore specify the name rather than the url in the servlet links? Not html but I don't think this is impossible -----Original Message----- From: Dave J Woolley [mailto:david.woolley@bts.co.uk] Sent: Wednesday, October 25, 2000 11:43 AM To: www-html@w3.org Subject: Obfuscating downloaded URIs (was: Download question) > From: Bakos Peter [SMTP:koka@makacs.poliod.hu] > > Is there any way to hide the url of the downloadable file? > [DJW:] This appears to be a question about a particular browser, not standard HTML, and therefore off topic. The answer is that it is fundamentally impossible to do it, as users can view source or bypass the browser. It is also very undesirable from a security point of view, as users need to make judgements on whether they trust what is being downloaded. You can obfuscate links to some extent by using non-HTML techniquese, like Javascript, and that might work for media types that don't display by default, but you can still read source, and normal browsers will still include part of the URI in the confirmation message. In fact, if any site tried to do this to me with Javascript I'd definitely read the source to make sure they weren't pulling any other tricks. I'd first have to turn scripting on! -- --------------------------- DISCLAIMER --------------------------------- Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of BTS. >
Received on Wednesday, 25 October 2000 07:30:13 UTC