I need to be able to open up an external URL in my website with out revealing it to my users (both in the browser and in the source). I do not want them to be able to copy the URL and edit the query string to their liking. Is there a way to open the URL in an iframe, or something of the like, and hide/mask its source?
This is an asp.net 2.0 website.
No. If you are having the clients machine do something (i.e, point their browser to a web page), you can not keep that information from them.
You can render that page server side in a flash widget or some other container but you can't do it on the clients machine.
Best bet: You can make a server-side XMLHTTP request, grab the response and feed in back into your page using AJAX.
You could possibly do it server side by:
That would probably slow down your page load considerably though, and could come coupled with legal issues.
Could you do the following:
This way users would never know about the other site, and it should be much more secure.
This could also use some validation/authentication so users are unable to alter the parameters passed to retrieve other users' PDFs.
I had a similar problem myself a while ago and did something along these lines (C# .NET 2.0);
public void StreamURLContents(string URL)
{
WebRequest req = WebRequest.Create(URL);
using (HttpWebResponse resp = (HttpWebResponse)req.GetResponse())
using (Stream dataStream = resp.GetResponseStream())
using (StreamReader reader = new StreamReader(dataStream))
{
string currentLine = reader.ReadLine();
while (currentLine != null)
{
Response.Write(currentLine);
currentLine = reader.ReadLine();
}
}
}
You would have to tailor the writing of the HTML to suit your particular application obviously, and you'd break all of the relative links in the target site (image URLs, CSS links etc.), but if you're only after simple text HTML and want your web app to grab it server-side, then this is a good way to go.
You can make a one-time URL by doing the following: