Member Avatar

In the javaScript function below, is there anything I can add to the so that the parameters passed in the URL do NOT show in the window that is opened? It is okay if the script path shows, I just need to hide the parameters. If that is not possible, can I have it show no URL show at all?
Many thanks,

function OpenTest2(ID,course,test)
	var agree=confirm("Are you sure you want to Launch this test?");
	if (agree){
	path = "testing_center/frameset.cfm?TestID=" + ID + "&UserID=<CFOUTPUT>#session.userID#</CFOUTPUT>"; ,'popuppage','scrollbars=yes,fullscreen=yes');
	return false;
return false;

Recommended Answers

All 4 Replies

If it's a question of security, then there's no way to absolutely guarantee that a determined user will not somehow discover the testID/userID parameters. Any data that goes client-side is vulnerable.

If it's just a question of hiding something rather ugly, then you can suppress the opened window's address bar with ,'popuppage','scrollbars=yes,fullscreen=yes,location=no'); .

Most popular browsers will reveal the address bar with some simple key-press, eg F11.

An alternative approach would be to use a modal dialog within the main window. This is more involved but can be achieved with eg. the javascript libs jquey/jqueryUI, typically with ajax to fetch the data to be displayed in the dialog.


since you seem to be passing very minimal data, try setting some cookies instead of passing the data via url. Then on the server retrieve the data from the cookies.

In "The Scripts" section of you will find three very useful functions. Save them as cookies.js and import them into your page. Then use them to create a cookie for each of the data you want to "pass" to the server.

The drawback is of course that the user will require to have cookies enabled.

Member Avatar

Airshow: it's more security than cosmetic; the system is used for taking placement tests, and we've had a couple students save the url and go back to it later (the tests are proctored, but not all proctors are vigilant, apparently). I did try the location=no and it did nothing, it IE or Firefox. The URL address still showed.

Hielo: cookies might work, and should not be a problem, because I think cookies are used in other parts of this system already.

Thank you both for the help!


I think you need to run with Heilo's cookies.

There are other ways to pass data invisibly between windows but Cookie is as good as any and simpler than some.


Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.