Overview#URI Fragment Identifiers (or sometimes also called Same-Document Reference or anchor tag) are anything past the first "#" within the URI (or URL) URI.
When a URI reference refers to a URI that is, aside from its URI Fragment Identifiers component (if any), identical to the base URI (Section 5.1), that reference is called a "same-document" reference. The most frequent examples of same-document references are relative references that are empty or include only the number sign ("#") separator followed by a fragment identifier.
URI Fragment Identifiers holds additional identifying information that provides direction to a secondary resource, e.g., a section heading (in an article) identified by the remainder of the URI. When the primary resource is an HTML document, the fragment is often an id attribute of a specific element and web browsers will make sure this element is visible.URI Query string – "#" always indicates where the URI Fragment Identifiers starts.
Changing A URI Fragment Identifiers Doesn’t Reload a Page but Does Create History#Fragments have a couple of handy features. First, if you manually change a fragment URL from something like this:
However, it does add an entry in the browser’s history so that clicking the Back button will go back to the original location in the page.
URI Fragment Identifiers Are not Sent in HTTP Request Messages#If you try using fragment URLs in an HTTP sniffer like HttpWatch, you’ll never see the URI Fragment Identifierss in the requested URL or Referer header. The reason is that the URI Fragment Identifiers is only used by the browser – it doesn’t affect which resource is returned from the server.
So do not expect to see URI Fragment Identifiers in your Server-side code.RFC 6838) SHOULD specify the fragment identifier syntax(es) to be used with them; other specifications MUST NOT define structure within the URI Fragment Identifiers, unless they are explicitly defining one for reuse by media type definitions.
For example, an application that defines common fragment identifiers across media types not controlled by it would engender interoperability problems with handlers for those media types (because the new, non-standard syntax is not expected).
URI Fragment Identifiers Security Considerations#
More Information#There might be more information for this subject on one of the following:
- Absolute URI
- Covert Redirect Vulnerability
- DID Fragment
- Decentralized Identifier
- Form Post Response Mode
- Fragment Response Mode
- OAuth 2.0 Security Best Current Practice
- OpenID Connect Back-Channel Logout
- OpenID Connect Front-Channel Logout
- Same-Document Reference
- Uniform Resource Identifier