In an attempt to improve site security, I would like to mask or hide urls in a Rails 3 application. I don't want "friendly" urls. I would prefer that just the domain be displayed in the brows开发者_如何学运维er address. I read that it is possible in rails 2 but not in rails 3. If that is true, what else can i do?
UPDATE: Is hiding ID's the best i can do? If so, what is the best method?
Thanks.
Check out some authorization solutions. CanCan has worked for me in the past and is simple to implement.
EDIT: After reading your question this doesn't do what you want (mask urls), but if your goal is to improve site security implementing an authorization solution is a much cleaner thing to do than just hiding urls from an end user.
Build everything in a frameset. That will hide the URL from the address bar. But it will do nothing for site security as an attacker can just read the page source and find them anyways. There is no real way to hide the URL from the browser and therefore a dedicated attacker, as the browser is going to need to be told where to go.
精彩评论