Is the URL fragment identifier sent to the server?

15.5k views Asked by At

Possible Duplicate:
Can PHP read the hash portion of the URL?

The (famous?) web site mega.co.nz uses a hash mark in URLs to link to encrypted files; the portion of the URL after the hash mark contains a password, and encryption is claimed to happen on the client side. It is certainly feasible to use javascript for client-side encryption but … isn't the URL sent to the server, thus revealing the password to the server itself?

The URL looks like

https://example.com/#!encryptedfilename_password
1

There are 1 answers

1
aziz punjani On BEST ANSWER

Fragment identifiers are not sent to the server. The hash fragment is used by the browser to link to elements within the same page.