How to prevent copy of URL in Parent Window

In my application I am opening my application page in a Child Window. When I look these in IE, It doesnt show any URL this is great but When I check it in Firefox and Chrome I shows me URL.

My Question is Can I hide address bar in Child Window for Firefox and chrome.

I want to prevent User to copy paste URL in Parent window and access the page.

I m using form Authentication

<authentication mode="Forms">
        <forms loginUrl="~/login.aspx" protection="All" timeout="3600" name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseUri" enableCrossAppRedirects="false"/>
    </authentication>

I have tried using Authorization="?" I have tried using a javascript to check whether this is a parent window or child window.

<script type="text/javascript">
        if (typeof window.opener != "undefined")
            alert("I was opened from within " + window.opener.location.href);
        else if (window != top)
            alert("You came here from " + document.referrer);
</script>

But the 2nd part is not working. Kindly Help me and let me know what I m doing wrong

Instead of preventing user to copy paste url what u can do is u can put some script, that can runs only when a request is made else it will do the action that you want.

 string referer = Request.ServerVariables["HTTP_REFERER"];
        if (string.IsNullOrEmpty(referer))
        {
            Response.Redirect("../Index.htm");
        }

Use runs page only if request is coming from a page else it will redirect to the desired page

No You cannot hide the url if you open a new window. If the page is from the same domain, you can instead AJAX the result into a popup DIV on your current page.

That said - anyone with a tiny bit of web savvy, can find the URL anyway.

For example in Chrome I do not even have to install anything, just click "Inspect Element" hit the NET tab and see the url as it is loaded from whereever.

If I understood what you want right, the only way is after the use logs in, (since you have a login form), save a boolean in the session state that indicates that the user is authenticated, then in the page you want to hide it's url, at the page_load event, check if this boolean is true, this way you can limit access to this url without needing to hide the url.