[WEB4LIB] blanking URL from browser address line

Robert J. Tiess u1019306 at warwick.net
Sat Feb 13 06:47:55 EST 1999


Could it be as simple as changing the corresponding form method
from Get to Post?  I haven't seen the URL to the page alluded
to here, but that's likely one option.  At the server side
there'd need to be some adjustment in the Perl code if it's not
Get/Post ready.  The encoded URI (Uniform Resource Identifier)
wouldn't appear with POST, only the ACTION URL (e.g. /test.cgi).
Hope this could help.

Robert

rjtiess at warwick.net
http://members.tripod.com/~rtiess

Dan Lester wrote:
> 
> Hi.  I can swear that I've seen information on this before, but some pretty
> extensive searching hasn't turned it up.
> 
> We're using a perl script for user authentication to reach remote
> databases.  The user fills in an ID and PIN, they're authenticated against
> a user database, and then redirected to a licensed site that requires a
> login and password.  What we'd like to do is have the URL not appear in the
> browser address window, as it is possible for a semi-knowledgable user to
> read the login and password from the total URL.  Naturally, this somewhat
> compromises security.
> 
> As noted, I'm either crazy, or have seen before, a method of doing this
> with O'Reilly Website 2.3.x, and perhaps with other servers as well.  It
> seems it is an easy trick, but I'm drawing a blank.
> 
> Any assistance or suggestions appreciated.
> 
> thanks
> 
> dan
> 
> --
> Dan Lester, 3577 East Pecan, Boise, ID 83716-7115 USA 208-383-0165
> dan at 84.com   http://www.84.com/  http://www.idaholibraries.org/
> http://library.boisestate.edu/   http://cyclops.boisestate.edu/
> http://www.lili.org/  http://www.postcard.org/ Sent me a postcard of a
> library yet?


More information about the Web4lib mailing list