How can I prevent javascript from running in a browser's address bar?

advertisements

If I go to this page and then delete the url from my browser's address bar, and then enter

javascript:document.getElementById('rsidebar').value='dsf';

The whole part refreshes. How can I prevent a page from refreshing when executing javascript from the address bar?

Also, are there any other techniques to manipulate a page without having access to the page source like the above method?


No, you cannot stop the user from manipulating the DOM.

You don't need to worry about people manipulating the DOM from the client-side. These changes only effect their local experience. They aren't actually affecting your site for other users.

You can easily manipulate the DOM using tools like Firebug, IEDeveloperToolbar, or Greasemonkey (Javascript engine).