Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it possible to stop a browser storing a URL in its history?

Tags:

browser

When a user clicks to a page using a link on a previous page, is it possible for the target page to, on its own accord, remove its own URL from browser history (without significant modification of the page that actually has the link on it, unless, perhaps it were a simple HTML attribute or something)?

Obviously I should not be storing sensitive information in the URL, but there are some cases where I have to store some information in the URL, and, while it is not sensitive, it is still better for it to not be stored in history. (These URLs are completely not useful to the user if they were to show up in history.)

So is there a way for me, as a webapp developer, to keep these out of history, at least in some modern browsers? (Something such as HTTP headers, JavaScript or HTML, etc on the page that loaded as a result of the URL.)

(I'm not interested in techniques such as fetching pages with AJAX, iframes, etc, where the user does not actually navigate to said URL, but still manages to get content from it.)

like image 471
700 Software Avatar asked Jan 22 '13 19:01

700 Software

3 Answers

It looks like this is not possible.

The browser history will store the URL. The best that can be done is either to prevent the URL from going into the back/forward buttons, or use "techniques such as fetching pages with AJAX, iframes, etc, where the user does not actually navigate to said URL, but still manages to get content from it".

like image 58
700 Software Avatar answered Nov 13 '22 03:11

700 Software

Using javascript, you could use replace method of window.location :

window.location.replace(String url)

Check the documentation here for more details

like image 3
rayfranco Avatar answered Nov 13 '22 03:11

rayfranco

In some circumstances, sending a 302 Found response and redirecting to another page could work. If you need to hide query string parameters, you could set a session cookie with them on the initial, redirected response, then use them to serve the response on the real page. Just remember to clear the cookie when you serve the page.

But this is an entirely server-side way to do it, and while you can hide sensitive data, you'll still see some page on the domain in the history.

like image 1
David Ehrmann Avatar answered Nov 13 '22 04:11

David Ehrmann
Sign in to Comment

Related questions

How can I convert TTF files to OTF format?
Import from web - set user agent in Mathematica
Execute python code inside browser without Jython
Android viewport setting "user-scalable=no" breaks width / zoom level of viewport
Check if Internet Connection Exists with Ruby?
Prevent mouse wheel scrolling, but not scrollbar event. JavaScript
Get add-on id of extensions in Firefox
How do you check the browser's user agent in a JSP page using JSTL, EL?
Is there a way to install iPhone App via browser?
What are the limitation using before unload event?
Why is WebBrowser_DocumentCompleted() firing twice?
Should your website work without JavaScript [duplicate]
Can I bind HTML to a WPF Web Browser Control?
Detect exact OS version from browser
How to Redirect all IE users to a new page
Invalid blending results across all browsers with HTML5 canvas
Digitally sign data in browser using smart card or certificate
Is there a way to programmatically test for browser GPU acceleration?
What is the complete process from entering a url to the browser's address bar to get the rendered page in browser?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!