Use URL rewriting in Ajax to avoid URL exposure

Remember an interview, there is such an interview question:
JSP pages need to use the implementation of Ajax, the need to call the Java URL, the problem is if the user to view the page source code can see the real URL, how to avoid this problem.

To tell the truth, Ajax I use only the fur, will only use JS to get parameters, and then passed to the Java application, processed by the application. If there is a return requirement, the data can be returned in XML.

The use of their own time did not consider the issue of URL exposure, see this topic, there was no attention. Think about it, I think of the implementation method is to specify their own set of rules, and then the page to write the URL according to the rules to organize, and then upload to a middleware: the function of this middleware is to parse these URLs, to get the final real URL, It is then processed by the middleware to go to the corresponding request.

Recently listen to the classmate said, as if the URL rewrite can be better implemented, just looked at
1. Download Urlrewrite, official: Http://tuckey.org/urlrewrite/dist/urlrewritefilter-2.6.zip
2. Add the following code to the Web. xml
XML code
<filter>
<filter-name>UrlRewriteFilter</filter-name>
<filter-class>
Org.tuckey.web.filters.urlrewrite.UrlRewriteFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>UrlRewriteFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

3. Establish a Urlrewrite.xml
1<?xml version= "1.0" encoding= "Utf-8"?>
2<! DOCTYPE urlrewrite Public "-//tuckey.org//dtd urlrewrite 3.0//en"
3 "HTTP://TUCKEY.ORG/RES/DTDS/URLREWRITE3.0.DTD" >
4<urlrewrite>
5 <rule>
<from>^/world/(. *) $</from>
<to>/world.jsp?tid=$1</to>
</rule>
9</urlrewrite>

Rule is the URL rewrite rules, from is the address that is displayed, to is the actual address of the map, the override parameter, can be multiple, () is a matching regular expression.

Create a new world.jsp in the project, start Tomcat, enter
Http://localhost:8080/mysite/world/1
MySite is your project name.
Actually, it's http://localhost:8080/mysite/world.jsp?tid=1.
This makes it easy to implement pseudo-static effects.

In Ajax, the var url = "", this place writes a virtual access path, and then the parsing rules are represented in the Urlrewrite.xml, then to the background, it can automatically parse into the real path, so as to achieve the protection of the URL.

Use URL rewriting in Ajax to avoid URL exposure