Is the URL fragment identifier sent to the server?

2019-01-08 01:08发布

问题:

Possible Duplicate:
Can PHP read the hash portion of the URL?

The (famous?) web site mega.co.nz uses a hash mark in URLs to link to encrypted files; the portion of the URL after the hash mark contains a password, and encryption is claimed to happen on the client side. It is certainly feasible to use javascript for client-side encryption but … isn't the URL sent to the server, thus revealing the password to the server itself?

The URL looks like

https://example.com/#!encryptedfilename_password

回答1:

Fragment identifiers are not sent to the server. The hash fragment is used by the browser to link to elements within the same page.