Hide param value (guid) in an URL

In my route

.when('/user:user_guid',{
        templateUrl : 'users/profile.html',
        controller : 'userController'
    })

In my index.html within the ng-repeat I have

<a href="#/user/:{{user.user_guid}}">view profile</a>

It works but in my URL I'm seeing the guid has been exposed. Is there any way to hide it?

Answers:

Answer

Use ng-click

<a ng-click="go_url(user)">view profile</a>

and then in some controller

//it has many possible solutions, this is one of them
//according to your config, you're using angular route provider
$scope.go_url = function(_user){
    //be sure to inject $location service
    $location.path('/user/' + _user.user_guid);
}

If you don't want to expose URL in browser, use service that can hold guid variable inside, and grab it when user navigates to /user


Here's the demo

angular.module('demo', ['ngRoute']);
  angular.module('demo').config(function($routeProvider){
    $routeProvider
    .when('/welcome', {
      templateUrl: 'welcome_page'
    })
    .when('/user', {
      templateUrl: 'hello_page'
    })
    .otherwise({redirectTo: '/welcome'});
  });
  angular.module('demo').service('SecretServ', function(){
    this.secret_guid = '';
  });
  angular.module('demo').controller('Controller1', function($scope, $location, SecretServ){
    $scope.user = {
      guid: '123345567234'
    };
    $scope.go = function(){
      SecretServ.secret_guid = $scope.user.guid;
      $location.path('/user');
    };
  });
  angular.module('demo').controller('Controller2', function($scope, SecretServ, $location){
    $scope.guid = SecretServ.secret_guid;
    $scope.exit = function(){
      $location.path('/welcome');
    }
  });
<script src="https://code.angularjs.org/1.4.4/angular.js"></script>

<script src="https://code.angularjs.org/1.4.4/angular-route.js"></script>

<div ng-app="demo">
  My app
  <div ng-view></div>
<script id="welcome_page" type="text/ng-template">
<div ng-controller="Controller1">
Welcome<br>
To go to private page, click <button ng-click="go()">me</button>
</div>  

</script>
<script id="hello_page" type="text/ng-template">
<div ng-controller="Controller2">
Hello {{guid}}, <button ng-click="exit()">exit</button>
</div>    
</script>
</div>

Answer

You can encrypt the URL parameters. And then in PHP when you read POST/GET param, you first decrypt it and then read the values. This way nothing gets exposed. I've done it for some of my own projects, and it works.

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.