10

Strange question here.

I'm building a website for a client that is an abused women's shelter. They want to ensure the safety of women looking for their services.

One of their requests is that if someone uses their website, that somehow it won't register on the browser's history. I've never seen that before, but need to at least look into it.

My only thought is to somehow load all pages within a single page, then make that page not have the actual shelter's name in the title and url. So if someone happens to look at the history, it'll show like "Sue's Bakery" instead of the actual name.

This may be a stretch, but I'm just looking for any suggestions here.

If there is actual code to block the website from a browser's history, that'd be even better.

Thoughts???

Chuck Le Butt
  • 47,570
  • 62
  • 203
  • 289
Aaron
  • 237
  • 1
  • 7
  • 4
    Reminds me of https://css-tricks.com/website-escape/ – zzzzBov Nov 10 '15 at 15:49
  • 9
    If the client is using Firefox or Chrome, there are stealth modes / private browsing. Better advice your client to take advantage of that.. – Alfred Nov 10 '15 at 15:50
  • I'm fairly certain there's no straightforward method to achieving this, but I'm interested to see what hacks people come up with to help. – Chuck Le Butt Nov 10 '15 at 15:50
  • Interesting question. I don't know the answer for sure, but my instinct tells me that since history is locally stored and largely a feature of the browser being used, a website does not typically have access to a user's history. – Mage Xy Nov 10 '15 at 15:50
  • 2
    Also relevant: http://stackoverflow.com/q/2860879/497418 – zzzzBov Nov 10 '15 at 15:51
  • You need to define what kind of protection do you need. Browser history is one thing, but there are also machine/network/ISP/Internet level which might be important. – Alma Do Nov 10 '15 at 15:53
  • The only thing I can think of is if somehow to force the browser to load the site into private mode after loading it. – SG_Rowin Nov 10 '15 at 15:56
  • 2
    It would be helpful to understand how women will be accessing this site. Will it be straight from Google, or will they be directed to it from elsewhere. If it's the latter you could offer solutions to protect privacy before they visit the site (eg. "How to enable Privacy Mode"). – Chuck Le Butt Nov 10 '15 at 15:58
  • Relevant: http://security.stackexchange.com/questions/59180/how-to-block-web-sites-from-viewing-browsing-history-within-firefox – OneCricketeer Nov 10 '15 at 15:58
  • 4
    As its unlikely they'll be going to the site directly, you can't protect them from leaving a trail of searches behind showing they searched for it. So putting instructions on your site on how to clear cache/history in all the major browsers is probably infinitely more helpful than any javascript hack to remove your pages from the history. – developerwjk Nov 10 '15 at 16:02
  • @zzzzBov Thanks for that site! I'll look into if it still works. – Aaron Nov 10 '15 at 16:53
  • I'll now be implementing a 'how to' for private browsing on the site. Many thanks for the suggestions here. cc/ @blasteralfredΨ – Aaron Nov 10 '15 at 16:55
  • you're welcome @Aaron , hope I've helped you.. – Alfred Nov 10 '15 at 19:13

1 Answers1

2

There's no way to prevent a site from appearing in a browser's history. Likewise there is no reliable way to detect if the user is using Private Browsing mode (and so redirect them to a "safe" site if they're not).

As others have said; if they're accessing the site via Google, it would be best to offer clear instructions on how to remove items from a browser's history (showing different illustrated instructions for each browser).

If they're accessing the site from somewhere else, instructions could be listed there to inform them how to enable (and later, disable) Private Browsing mode.

You mention attempting to hide the site via a fake name. One way this might work is placing the site into a dummy site with an iframe pointing to the "real" site. The iframe could be for "Sue's Bakery" (as you said), but the iframe would house the content from the real website. Unfortunately I don't believe Google would like this, and so nobody will ever find the "safe" iframe version of the site through Google. Would this be a problem?

There may be a way to try and take users to the iframe version of the site, and Google to the "real" version, but it would likely be unreliable not something Google would like you to do (perhaps Google should add such a feature to their rankings for registered abuse charities -- hmm).

Sorry for not being able to offer a clear and easy solution, but I don't believe one exists.

Chuck Le Butt
  • 47,570
  • 62
  • 203
  • 289
  • 1
    I do know that the iframe/hidden site is a bad idea in the eyes of Google. :) But i had to at least put it out there. I'm thinking the How-to for private browsing is the key, and implementing a 'quick escape' button that just launches a generic page too. The more safe the better. – Aaron Nov 10 '15 at 16:56
  • @Aaron Absolutely. I was just trying to cover all bases as it wasn't clear how people were going to get to your site. I do wonder if there's a brilliant solution waiting to be found. Good luck! – Chuck Le Butt Nov 10 '15 at 17:01
  • I'm hoping to see some brilliance in some answers here too. :) I'll post if I find anything amazing. – Aaron Nov 10 '15 at 17:06