Hi, I am working in an ASP.NET mvc application. With regards to URL's I could see the Controller and action names in the address bar when user navigates between pages. Is there a way to hide them, such that the address bar always displays http://mywebsite.com without any action names or controller names suffixing them, or is there any other standard practices? Or is it ok to leave the URL as such which can contain action and controller suffixes?
+1
A:
Having the URL not change is very bad practice. Not only does it look confusing, but it makes it impossible to bookmark things, and copy and paste URLs.
Why would it not be OK to leave the descriptive names in the URL? (You are using descriptive names, aren't you?)
Matti Virkkunen
2010-05-21 21:28:02
Yes I am using descriptive names, so i think I dont need to worry about this. Thanks for your comments.
SARAVAN
2010-05-21 22:04:09
+1
A:
The url is supposed to be descriptive of the content.
http://www.mysite.com/ isn't descriptive of viewing product #22's details, however:
http://www.mysite.com/Products/Details/22 is. This is intended behaviour, you can obfuscate them a bit by messing with rotues but it's not wise as it makes your webpage harder to debug and is unneeded.
It's not so much of a security risk to expose controller/method names because you chose those names based on the functionality you want to expose to the user. There are many other security mechanisms in place to prevent them from messing with things, like user authentications, filters, etc...
Aren
2010-05-21 21:30:03