This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes JSP and the fly likes Encrypting URL in Address Bar Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Encrypting URL in Address Bar " Watch "Encrypting URL in Address Bar " New topic
Author

Encrypting URL in Address Bar

swati bannore
Ranch Hand

Joined: Oct 18, 2000
Posts: 201
Hi,
I ve an html Form which accepts UserName and Password.On submit, I am passing both the values to JSP file say ,validate.jsp which will validate the user and password and accordingly display the data.
Now, When I say submit in form, I can see username and password values in the URL in the address bar. Is there any way to hide this ?
Help,Thx
Swati


Swati Kale
SCJP
SCWCD
Shubhrajit Chatterjee
Ranch Hand

Joined: Aug 23, 2001
Posts: 356
in your html form use method="post"
like
<form name="myform" method="post" action="my.jsp">


Shubhrajit
Simon Brown
sharp shooter, and author
Ranch Hand

Joined: May 10, 2000
Posts: 1913
    
    6
Yes, using the POST method will stop the form details from being transmitted as part of the URL.
If you truly want to ensure that this information is encrypted between the client and the server though, you must use something like HTTPS on top of this because POST requests are still made in "plain text", even though they are not part of the URL.
Hope that helps
Simon
swati bannore
Ranch Hand

Joined: Oct 18, 2000
Posts: 201
Thx Shubhrajit and Simon.
I am using POST and shall explore HTTPS as told by Simon.
Swati
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Encrypting URL in Address Bar
 
Similar Threads
Hiding Session ID in address bar
authorization doubt
Direct access to a URL
How to avoid sending authentication parameters in request url?
Stop Submition of form while refresh