im trying hard to disguise a link from being shown in the status bar, the reason is i dont want them to access a page outside of the iframe, i heard theirs trick with a lil javascript and mouse over but i couldent find anything on it. any help is much apperciated.
what you are talking about is <a href="example.html" onMouseOver="window.status='This sentence should become visible in the status bar of chrome'; return true" onMouseOut="window.status=' '; return true">Hover da mouse</a> Code (markup): Due to security however this will work on less and less browsers (Chrome blocks it for example)
nice i noticed that , is their a way to just not display nothing, ive been playing with things ( keep in mind not really my field ) and i came up with this so when you mouse over nothing display , you cannot right click etc which is what i want, but once you click it and you put your mouse over it displays the link which i dont want.
i got the page source encrypted the link im trying to diguise is in a iframe which is right clicked disabled, ...
When you tested your "encryption" did you test it with Firebug or Chrome dev tools? Both tools provide easy access to the source as it currently is. This means that if you are doing "decryption" with javascript then the unencrypted source is still quite visible. Now to solve your original question, stop using the href attribute. Instead use the onclick javascript event to redirect the user.
What are you really wanting for them to see? A link to YourDomain.com but it actually goes to ANOtherdomain.com? or it look like its going to ANotherDomain.com and it actually goes to either your domain or someone elses?
it goes to my domain, but i dont want them to find the source and go straight to the source, i figured something out used onclick with voiold and target framed. and i use ioncube encryption...
If you want to appear to be your site but actually go off to another site then the easiest way is to not mess about with client side (as you will be telling them where the link is really going) but instead have the link to something like www.yourdomain.com/redirect.aspx?id=1. Then redirect.aspx simply looks up the ID to get the url to redirect to and sends a 302 redirection header. They therefore cannot see where they are actually going to be sent until after clicking your link.
Face it, there's no non-evil reason to do this. The web is a fundamentally open platform, and your disabled right-click and "encryption" isn't worth squat. I'm not trying to offend, but you need to accept that.