I think it’s one of those questions where you need to ask why you want to do this? What are you trying to achieve?
Knowing that may point to a suitable solution.
Anything in the HTML is going to be accessible to users. The same holds true for hidden input elements. Never reveal sensitive data in html via hidden form inputs or otherwise. Doing so is a huge security vulnerability. Like others have stated there is a more appropriate way to solve your problem.
but if it was done using an ajax in a function you could set the secret bit in the php page the ajax is calling, without the user seeing what it is. If someone looked at the html they would just see the ‘onlick function’
I have a really simple ajax function that just inserts a vote into a table when someone clicks a link, but it could do anything like set a cookie or variable.
only in browsers with JavaScript enabled. With so many junk scripts out there a lot of people only enable JavaScript for the specific sites where they know it works properly.
I’ve only ever heard of people doing that on this forum – no where else. Aeverage users aren’t going to do that. So I think you’re slightly over exaggerating.
“I want people to be able to download content to their browser, but not to be able to have the content on their computer.”
Maybe <input type="hidden" would more accurately be <input type="not_rendered"
I imagine a good number of people don’t know about “view source” or “F12”, but I would not rely on that in keeping something hidden.
In terms of links, there are GET variables.
These can be obvious such as index?lang=en or less obvious as “friendly” URLs index/en/
No. Some email clients are able to execute javascript but this option is off by default. Web based email clients strip javascript off. You can maybe count on ~0.5% of users to be able to run your ajax in emails.
and all of those will have their computers full of viruses installed via JavaScript from an email. Turning JavaScript off in emails is the most basic security measure you can apply to any computer. It’s a real mystery why so many email programs allow you to completely disable computer security by enabling it ever.