Response.Redirect will work, but it still sends the URL out to the browser,
and that means the visitor can discover it. For example, they can right-click
the resulting page and choose Properties.
Paul, if you realy want to hide this URL from the visitor, you'll need to
put the whole app on one server. If, as you seem to imply, the main page
comes from one server and the pictures come from another, then the browser is
the only point of union. In other words, the browser has to know all the
details of what to request from the second server. And if the browser knows
it, the Web visitor can discover it.
To really secure this information, you would need to "remember" it as
Session variables on the one and only server, and then send an abbreviated
URL out to the browser. Then, when the request comes back in, you would
retrieve the sensitive information from the Session variables.
Alternatively (and something I don't recommend) you could write an ASP.NET
or ASP page that runs on the server that delivers the main page, that
retrieves the picture bits from the picture server, and that retransmits the
picture bits to the browser.
That's about all the advice I can offer. If you need more, you'll have to
describe the application in greater detail.
Jim Buyens
Microsoft MVP
http://www.interlacken.com
Author of:
*----------------------------------------------------
|\---------------------------------------------------
|| Microsoft Windows SharePoint Services Inside Out
|| Microsoft Office FrontPage 2003 Inside Out
||---------------------------------------------------
|| Web Database Development Step by Step .NET Edition
|| Microsoft FrontPage Version 2002 Inside Out
|| Faster Smarter Beginning Programming
|| (All from Microsoft Press)
|/---------------------------------------------------
*----------------------------------------------------
