This is probably a simple question but I can't seem to find what I am looking for on the web so here it goes. I have a link on my pany INTRAnet site that senior management does not want the employees to see the actual web address (via the source option on the View tab of IE).

Please let me know how I can do this in HTML, asp or JS.

Thanks!

:)

This is probably a simple question but I can't seem to find what I am looking for on the web so here it goes. I have a link on my pany INTRAnet site that senior management does not want the employees to see the actual web address (via the source option on the View tab of IE).

Please let me know how I can do this in HTML, asp or JS.

Thanks!

:)

• javascript
• asp
• html
• hyperlink
• security

Share Improve this question Follow edited Apr 10, 2013 at 20:47 Funk Forty Niner 74.2k1515 gold badges7070 silver badges143143 bronze badges asked Apr 10, 2013 at 19:22 user2267619user2267619 911 silver badge11 bronze badge 5

• 5 Do you realise that whatever you do, the URL will be visible when they click the link? – John Dvorak Commented Apr 10, 2013 at 19:25
• 1 To be clear, Senior Management wants the employees to be able to click the link but not to be able to see where they are going? – pete Commented Apr 10, 2013 at 19:26
• 3 A Url Shortening service like bitly or tinyurl will obfuscate the url but eventually the users will see the real url on their browser address bar. – Jasen Commented Apr 10, 2013 at 19:36
• @pete: That sounds like a safe idea ^_^ – gen_Eric Commented Apr 10, 2013 at 19:52
• 2 I won't downvote, but this can't be done. period end of story eventually the link shows up in the address bar and can be copied. – Ryan Commented Apr 10, 2013 at 20:42

Add a ment  | 

5 Answers 5

Sorted by: Reset to default 6

You can't. Tell senior management to quit being so secretive.

Not sure if this is what you want, but here is a similar Question:

php encrypt and decrypt

Does it help at all? There is another, but it is a php code:

http://php/manual/en/function.mcrypt-encrypt.php

Also, what language are you looking to implement the code?

Alernatively, you can use this site: http://www.iwebtool./html_encrypter and on the box you type your html e.g.

     <a href="https://stackoverflow./posts/5934696"> This is your post link</a>

Then use the "Encrypt" button. It will return you the javascript you are looking for.

E.g.

     "<"Script Language='Javascript'>
         document.write(unescape('%3C%61%20%68%72%65%66%
         3D%22%68%74%74%70%3A%2F%2F%73%74%61%63%6B%6F%76%65%72%66%6C%
         6F%77%2E%63%6F%6D%2F%70%6F%73%74%73%2F%31%35%39%33%34%36%39%
         36%22%3E%54%68%69%73%20%69%73%20%79%
         6F%75%72%20%70%6F%73%74%3C%2F%61%3E'));
     </Script>

No jsFiddle because that javascript isn't allowed.

First and foremost, it's impossible to hide the url from the browser. The browser has to request the webpage from the server, and even if the url was obscured somehow, it would have to be plaintext in the HTTP Request, which would open it up to a man-in-the-middle utility like Fiddler.

Second, this feels like security through obscurity. Resources that certain people shouldn't have access to should be locked down explicitly, not just hidden because the user doesn't know the url (yet).

However, purely as a thinking exercise... I suppose... you could write a handler that knows the real url, uses code to retrieve the content of the page, and then writes that to the response. So the users would see the handler url, but not where the handler is pulling it's data from. However, you'd then have to go to great lengths to find all links and resources on the page and convert those references to also go through your handler.

Of course, practically speaking, I think this concept is silly. There's some problem your senior management is trying to solve, and hiding the url from the user is not the answer.

If upper management is this secretive then it's a safe bet that you also already have IT people who have browsers locked down as well, meaning Internet Explorer. It's possible that your IT team might be able to force the address bar to hide for all browsers within your pany. I don't think that this can be done on a per request basis. Meaning that the address bar would either be on or off all the time.

According to this post your IT team might be able to update the registry to hide the address bar like so:

Run following RegKey:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\ToolBars]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\ToolBars\Restrictions]
"NoNavBar"=dword:00000001

Here's a google search that might also offer additional information.

Well rather than making it disappear you can make it hard for others to see through and even impossible for those who have no knowledge of base-64. Here is a code :

 var a = document.querySelectorAll("*"), b = 0;
   for ( b = 0; b < a.length; b ++ ) {
     if ( a[b].hasAttribute("data-href") ) {
       a[b].href = atob( a[b].getAttribute("data-href") );
     };
   };

Now you can call something like this :

 <a data-href="aHR0cDovL3d3dy5teWNvbXBhbnkuY29t">Go</a>

By using btoa() I converted "http://www.mypany." to "aHR0cDovL3d3dy5teWNvbXBhbnkuY29t" in base-64 and designed "data-href" to understand the encoding. Behind all this it will look and act like :

<a href="http://www.mypany.">Go</a>