As URL Hack is not Officially Supported by Salesforce.
Is there a workaround for this without overriding standard pages with visualforce page or Ajax ToolKit?
For example, if you click on the "New Opportunity" button in the Opportunity related list on the Account page, it will be directed to the new "Oppurtunity Edit" page.Here you will see Account getting prepopulated on Opportunity and I want something like this without any URL Hack
Below is the Knowledge Article from Salesforce about URL Hack
Knowledge Article Number: 000176169
Description I would like to be able to use the query string parameter
save=1 to have a custom button/link that automatically saves a case in
one click by using this URL:/{!CaseId}/s?save=1&cas7=Closed
and I have seen in a developer forum
(http://boards.developerforce.com/t5/General-Development/quot-save-1-quot-attribute-no-longer-working/td-p/257227/highlight/true)
that Salesforce can enable "Autosave by URL" to allow this. Can this
be enabled in my org?Resolution NOTE: This is considered a URL hack and it is not supported
by Salesforce. Using undocumented query strings is absolutely
discouraged as Salesforce can change them at any time without notice.
Instead this requirement can be implemented by using the Force.com
AJAX toolkit or a Visualforce page with a custom controller.Salesforce has implemented several features to prevent Cross-Site
Request Forgery (CSRF). As an example when a browser makes a request a
one-time token is attached to prevent CSRF attacks, however this also
prevents the use of the mentioned URL as clicking on it would generate
a GET request without the CSRF token.Salesforce Support can disable the validation of the token on GET
requests, but this opens up the Salesforce application to CSRF
attacks. We strongly recommend that this feature remain enabled.
Customers can request this feature to be disabled though by raising a
case that contains the following statement/request:"Please disable the validation of the CSRF token on GET requests. I
acknowledge I understand that my organisation may be potentially
exposed to CSRF attacks, and I will continue without the feature at my
own risk."
Here are some useful links on URL Hack
http://andyinthecloud.com/2014/01/05/querying-custom-object-and-field-ids-via-tooling-api/
https://success.salesforce.com/ideaView?id=08730000000gM7mAAE
Best Answer
I think the answer to your question is maybe. Up until a couple years ago, asking support to disable validation of CSRF token on GET requests did the trick for allowing save=1 as a parameter in URL hacks. It's no longer possible.
If you don't need to automatically save, then you can still do URL hacks. Is there a particular use case you're trying to solve for?
I guess you should also check out Publisher Actions and the Process Builder. Those two functions solve many of the requirements previously only supported by APEX/Visualforce or URL hacks.