is there any way i can hide the source code from my web site not to be visible via internet explorer ?
Thanks
Printable View
is there any way i can hide the source code from my web site not to be visible via internet explorer ?
Thanks
This site might give you a few ideas.
Stopping Code And Image Theft
Hope it helps.
Cheers:
What do you mean "source code"? Do you mean HTML or source code for an application?
If it's HTML, there is no way to hide it. You could use another language like PHP that requires it to be parsed by the server before displaying it but there are still ways around that.
If you mean source code for an application, don't post it up on the website.
Thread moved to Web Security.
using server side scripting you can hide your code from being displayed by the web brouser. what happens is the client side script or the html code gets executed by the client web browser on the clients machine itself but you an specify that the script should run at the server e.g in VB script <script language="vbscript" runnat="server"> you can forsce the script to be executed at the server and the result is displayed to the client and not the code. using ASP , JAVA script , CGI Pearl Script you can dynamecly create page without showing the source to the client web browser. eg in ASP
responce.write "<html>"
responce.write "<body>"
responce.write "welcome to codeless web site"
responce.write "</body>"
responce.write "</html>"
You could simply follow this page instructions and let it do its thing...
It is sord of a tut for hiding the code from the folks at Programming Talk.
http://www.programmingtalk.com/showthread.php?t=3650
Want a good and straight answer to your question? ->
Quote:
Q : How to hide your code from everyone
A1 : Don't use HTML
A2 : Don't post it online
There is no good and reliable way to hide html source. Any encoding you do has to be decoded and can be accessed if the person is sufficiently motivated.
Use PHP ;)
theres a program out there that encrypts the HTML source, with the aid of Java script is de-crypted but when you go to view source you get the encrypted version.
WebBlock or something, it's pretty effective but frowned uppon because if you don't have js the page won't display, and it also disables copy-paste
like this --> http://www.antssoft.com/htmlprotector/
Why would you want to hide HTML? Unless you've come up with some radical, new way of coding HTML, there is no point in hiding it.
just another exercise in futility.
You can't protect your HTML source, and I don't see why you'd ever want to. Doing so would damage your search engine rankings, make it impossible for anyone without JavaScript to view your pages and increase both your development and page load times.
In order for browsers to work, they require the entire *unencrypted* HTML source (if you encrypt it using JavaScript, they have to be able to decrypt it). The web is built on open standards, use them to your advantage rather than trying to hide everything away (which you can't do anyway, and so you're just wasting your time).
You most certainly can gang, look here: http://www.popularshareware.com/HTML...load-5669.html ...and that's only a third party app....there are many ways to do it.
Is it because you don't want people to copy your stuff with copy/paste?
Wazz, you are a fool if you think it can be done. The browser has to read your html therefore there must be some way to decode that html. If it can be decoded, it can be accessed by someone who is sufficiently motivated. Besides which, your html is worth nothing. If you have something special about your design that you believe makes it worth something, there are other ways to protect your intellectual property. copyright, trademark, etc, etc, etc.
Alot of the time the html you all believe to be encoded can be found by simply doing a copy all from the browser window and pasting it into a simple development environment. Anything that they lock down via script (stopping copy/paste, accessing view source, etc) can be re-opened to the user via script or building your own app as well. If all else fails you simply build your own browser to grab it and save it in it's normal un-encoded form.....easy enough to do since there is source for a few browsers on the net.
As I said earlier, it is an exercise in futility.
Wazz, it is NOT possible to protect your HTML code from people who really want to read it. The only thing you can do is make it more difficult for newbies, with the downside of pages that will take longer to develop and load, because each page request will require some form of decryption.
I don't see why people are so paranoid about protecting their HTML anyway, it's very unlikely that what you're doing hasn't been done before, and chances are it's been posted on the web by some philanthropic webmaster who wants to share it with the Internet community.
I gotta agree with you on the Pwaring.
You'd have to be one paranoid person to be so worried about your HTML.
Why take all the time to protect it, as it will just slow your page from opening at it's maximum rate, and by the time that it does open then you've already lost a viewer..
GEEZ what's the world coming to when people are worried about there HTML being viewed...
Lfrog
To protect from theft of data and the "look" of the page, it is one extra step in protecting against image theft for example. And since the data is "non-transportable" it keeps users comeing back for reference which earns you money so no, it's not paranoia or futile, its a sensible (yet very annoying) thing to do.
The way I've always done it is to set frames, and use this little script...
<SCRIPT language=JavaScript1.1>
<!-- Begin
function right(e) { if (navigator.appName == 'Netscape' && (e.which == 3 || e.which == 2)) return false; else if (navigator.appName == 'Microsoft Internet Explorer' && (event.button == 2 || event.button == 3)) { alert("Antitheft code by Donald S. Crothers ([email protected])"); return false; } return true; } document.onmousedown=right; if (document.layers) window.captureEvents(Event.MOUSEDOWN); window.onmousedown=right;
// End -->
</SCRIPT>
It's nowhere near perfect, but it should keep out most idiots on the web :P
Regards,
SSJVegeta-Sei
We all sure love to go off into theoreticals, including me... :D
In short, if the public can view your HTML web page, then a determined member of the public who comes across your web page will get able to get its source code.
But, you can make it a huge pain in the butt for that determined person to get the original HTML source.
A very simple/common thing people may do is disable right click. You can still go to view > page source and that is defeated.
The next way the HTML can be hidden is by obscufercating it. There are many HTML and ASCII equivilents, and some basic javascript functions can convert them into normal HTML before writing it to the screen. When you view source, you see a javascript that takes a really long line and displays it. The line usually contains stuff like %20, along with many %, &, and \ symbols, numbers, and letters. I think this can be defeated by changing the code around so that it displays the output of that as an alert, or by using other commonly avaialbe scripts to change those weird characters into normal HTML. I think most of them are easily defeated with the second method.
Also, implementation of the above script may not even need you to go into the source. In some cases, you can acturally decrypt the values straight from the address bar! This varies among how it was coded in, but if the encrypted value is stored in a variable (and you can even change the code so that it is) and the decrypting and display functions are different (that is important) then you can simply run the variable through the decrypting code and display the output.
I'll give an example here, and probably write up a tutorial on it later (RESERVED! :p)... In the address bar, type in "javascript:checklength(document.vbform);" What does this code do? It is the code under the "check message length" link inside of the post a quick reply box. Using something like can reveal the HTML if you know how to manipulate it just right, and if you recode parts to make it easier.
That is about all I can remember for hiding HTML that is public access...
Note I'm talking about public access. If this was private access where only you and your buddies had a secret password, then the above wouldn't apply if you had no checks for the passwords, and the password encrypts the HTML. Doing that, you would need another app to encrypt the HTML, and those can be written in HTML too. The problem is that you would need another script to do that thing...
Also, server side scripting lets the server run code, and you can have it require a password before displaying anything else. Of course it still produces HTML and that HTML can be viewed, but you can have a backend that they can't see that says "Here it is" or "Nope!". If it says "Nope!", then unless they get it so say "Here it is" (which they need a password to do) they won't be getting it...
As these thoughts run through, I feel I should write a Javascript tutorial... One of my favourite languages, learned before C/C++... HTML can be powerful! :D
If I may make a small point about your post, Tim...
My code is designed to disable right click, yes... (and left+right) - but there's a reason I also suggested setting frames.
You can set a no-size frame, and the site displays as normal... but the only code they get from View Source is the frame code :P
Anyhow, good post.
Regards,
SSJVegeta-Sei
Ah, I acturally spent like 40 minutes typing that up so I didn't see your post while writing it. ;p
That's a pretty good deterent for most people. Most people wouldn't think of how to get the page pointed to in the index.html and if you set the page you're protecting to ensure it reloads inside of frames can cause some problems for their attempts. (thumbs up)
Not everyone thinks about making a link and then right clicking it -> save target as either. I certainly didn't think of the link until someone was very intent on getting a small piece of code I wrote and showed me how they got it by making a hyperlink and save target as. (This code was some sort of crash IE code with a malformed tag, so view source wasn't an option there...and he had to use IE to get it and the cache was too cumbersome...)
My main target was at obfusecuation (sp?) of pages that I've come across at times. Mainly showing examples of what can be done to counter that. Writing a small tut on javascript has crossed my mind at times, but I want to include examples and that means I have to go code them myself. Sort of a "hack this javascript web page" challenge that I thought about before but made into tutorial form demonstrating ways to either recode it or find vulnerabilities in implementation...
I thought he meant to hide it from the average Joe, not people like us LOL
like wat other said you can use javascript to disable the right click you can get it at www.javascript.com and if you wanted more secure you can use the php script but your server must be php enable so that you canuse it but i prefer using php script rather than disabling the right click coz there is other way to find or to look for your script
Have you any idea how annoying it is to disable right-clicking? I use the right mouse button all the time in mozilla and it drives me insane when people use javascript because it stops me from opening links in new tabs, quick access to reload/bookmark a page etc. If I wanted to steal your images/HTML, I would do so and there's nothing you can do to stop me. Heck, if I wanted your HTML that badly I'd use lynx/links to grab the source instead.
BTW, PHP isn't much use for hiding your code for two reasons:
1. It outputs HTML which is then sent to the browser (obviously the PHP code is protected, but we're talking about HTML here)
2. It doesn't work on the client-side, so I can still right-click, View->Source or whatever to get at the HTML code
Easiest way to get around those frames is either to right-click within the frame and choose 'view source of this frame' (or whatever the option is) or view the code for the frameset and then load the frame individually (with Javascript disabled to prevent the frames re-appearing automatically).
You can certainly make it more difficult for the average user to access the code, but you can't stop anyone who's determined to get at it. It just wastes your time developing the site, damages your search engine rankings (especially if you use excessive javascript/frames for your content) and annoys the hell out of people like me who like to surf the web with the shortcuts provided by the right mouse button menus.
Heh, it is nice to be able to open in new window. Also as someone previously said, just make a basic neandrithal (spelling) browser in VB. The have the page source written to a text box. In the end, why protect HTML? The important things to protect are your information and perhaps your images.Quote:
Have you any idea how annoying it is to disable right-clicking? I use the right mouse button all the time in mozilla
-Cheers-
PS: Happy New Year, late like.
there is no 100% sure way of hiding your source code . but, I have some tricks, first, to disable the right click menu only in IE I have a smaller code <oncontextmenu="return false">. and secondly , open your code in notepad and insert around 900-1000 carriage returns above the <html> tag. and above that insert a confusing tag like <!-- Unable to decrypt $3aAb^. Source code not available--> or <!--Data Source not Found. File error #546--> or anything like that , u should have got the Idea what I mean to say.. but note that these tags have been inserted as comments otherwise they would appear on your page. this trick is also used by some softwares , I think. So with these tricks when the user will open the code he will get that message ( confusing tag) and below that, totally blank page, unless he notices the small scroller on the right side. and also note that every single carriage return weighs 2 bit or 2 byte I don't remember exactly..
Any tricks you have for it are just that, tricks. All smoke and snake oil. Anyone who wants your source can get it easily with half a brain and 10 minutes on google.
Hmm....been mentioned before:http://www.antionline.com/showthread...hreadid=252877Quote:
man its getting worse and worse. XqZorXpoZ go to roll col if u want to post your intro read the AO FAQ it shouldn't be that hard. i think a automated PM shouls be sent to every new account giving details about the site and the site FAQ
go to ROll Col if you want to post your introductry note this is not the proper place for it . posting irrelevent data in between thread is intolerable. i suggest you delete and post in rollcol section
Oddly enough, it was put in the suggestions forum, which would be the proper place, instead of posting irrelevant data between threads (which I hear is intolerable) . Funny, I don't see a tag under your name that says AO police. :)
/ In best announcers voice:We now return you to your regularly scheduled program.
PWaring, it might be annoying, but I've run sites in the past where I REALLY DON'T want script kiddies running in, stealing all my images and using them somewhere else. People with the skills to take the stuff anyway probably A: won't find it worth their time and B: Are smart enough not to use proprietary images and such without asking first.
Besides, I have a really sweet Flash popup to get into the site, and people disable popups all the time, so turnabout is fair play :P (J/K)
Anyhow, in short, the script does exactly what it's designed to do, which is keep out your average moron. Which category I'm *sure* you're not a member of.
Regards,
SSJVegeta-Sei
SSJVegeta-Sei: If you mean the site in your profile, I don't mind you disabling right-click because it doesn't work in Mozilla anyway. I can right-click wherever I want (with JavaScript enabled) and as such I can save any image with ease or view any of your HTML. ;)
Of course, since the average moron is probably using Internet Explorer (which your script does work on), I suppose it serves that purpose.
I would like to offer a calmer view on this before it erupts into a flame war.
We must not forget that browsers (except lynx of course) keep everything in a cache. Those images, that html, the cool little flash file, all goes into a cache so it can be displayed. So it doesn't matter, this right click security, why you want to defend against people looking at your HTML, because they get it anyways in their browser cache folder the moment they view it.
I can understand wanting to block your HTML so that others can not steal it, as it is a lot of hardwork and time you put into that creativity. But to that I offer two insights:
1. Let people borrow and steal. They will learn from it regardless, and immitation is the most sincere form of flattery. Be proud of your code, your creation, worrying more about perfecting your own coding technique rather than defending against someone immitating a coding method they admire (yours).
2. Hiding HTML is almost counter productive to the coding community. When someone wants to know how something is done, they look at the source code and either A. copy it, learning it as they edit it, or B. Read it and catch on immediatally.
So, to the community it may be better to simply allow others to understand how you did your site. google.com, microsoft.com, gentoo.org, etc etc... These are very large scale sites that allow you to rightclick and view HTML, because they are not worried about someone taking their look or code. It benifits all, and thus we rejoice :D
@Pooh - Ah, but then I could make a counter-argument that it benefits the community even more to make them learn how to steal it :P
@PWaring - yep, that's the point.
Regards,
SSJVegeta-Sei
Teaching them to steal accomplishes nothing in their HTML goals, only to roll their eyes as they once again have to overcome the security measure. That isn't a counter argument, it's a troll. Hiding HTML works against open source, free speech, and newbies willing to learn.
Ok... obviously I have to make a few things clear here.
Firstly, for someone trying to "keep the peace", you're being very inflammatory.
Second, I wouldn't call it a "troll" - I'd call it a "joke". Perhaps you've heard of them. If not, here's some helpful advice:
Joke - n.
1. Something said or done to evoke laughter or amusement, especially an amusing story with a punch line.
2. A mischievous trick; a prank.
3/ An amusing or ludicrous incident or situation.
Informal.
Something not to be taken seriously; a triviality: The accident was no joke.
An object of amusement or laughter; a laughingstock: His loud tie was the joke of the office.
Thirdly, overcoming a security measure still teaches important skills, whether you choose to acknowledge that fact or not. In fact, perhaps they'll value the code they've "borrowed" a little more if they have to go to more effort to get it.
Fourthly, just like anything else, when I've put effort into a graphic or a piece of programming that makes my site unique, sets it aside from others, and keeps people coming back, I naturally don't want everybody under the known sun to have it. If everybody could paint like Michelangelo, his paintings would be worthless and nobody would care, and more to the point, would not be kept under extreme security.
Fifth, the kind of people that I would be trying to keep out with a code that I up-front ADMITTED is not a serious deterrent to determined people are people with no knowledge, surfing the internet, trying to steal things only for their own gain. If someone asks me to use my code or my pictures, I'm probably happy to let them do it - but the idea of politeness, I.E. asking to use something, applies even over the internet! Yes, the net works just like the REAL WORLD! Imagine that.
Sixth, and final: You're acting like yours is the only opinion that matters. Try to bring both sides of the matter into consideration instead of trying to shut down entirely the viewpoint you don't agree with. This should be an intelligent debate, not a back and forth of "I'm right, and nobody better argue".
I hope this enlightens you as to the meaning behind my posts somewhat.
Regards,
SSJVegeta-Sei
P.S. If, as your name suggests, you are aware of the teachings of the great Sun-Tzu, I suggest you consider applying his words to your posts a little more.
My apologies for having sounded harsh, when it was not meant to be. Perhaps this can clear things up between us
My apologies, as I said above, it was not meant to come off as such.Quote:
Originally posted here by SSJVegeta-Sei
[B]Ok... obviously I have to make a few things clear here.
Firstly, for someone trying to "keep the peace", you're being very inflammatory.
There was no way for me to understand you had meant it as a joke, especially with it following a :P Please, in the future consider that others may not catch on to it as a joke, and thus it may require something to help others recognize it.Quote:
Second, I wouldn't call it a "troll" - I'd call it a "joke". Perhaps you've heard of them. If not, here's some helpful advice:
I agree whoeheartedly, and see your point.Quote:
Thirdly, overcoming a security measure still teaches important skills, whether you choose to acknowledge that fact or not. In fact, perhaps they'll value the code they've "borrowed" a little more if they have to go to more effort to get it.
The paintings of Michelangelo are well guarded yes, but that does not mean his techs and methods are hidden. Copies of his work are worldwide because we allow people to see his paintings up close. Students study his artform around the world in colleges because we allow his styles to be taught. I understand wanting to protect something you have worked on. My origonal post already covers this quote further.Quote:
Fourthly, just like anything else, when I've put effort into a graphic or a piece of programming that makes my site unique, sets it aside from others, and keeps people coming back, I naturally don't want everybody under the known sun to have it. If everybody could paint like Michelangelo, his paintings would be worthless and nobody would care, and more to the point, would not be kept under extreme security.
Please, no need to get cocky and sarcastic. I can also understand wanting to protect it from kiddies. But what harm can it possibley do? Those who matter in your life will know it is yours, and those who copy it without knowledge will be uncovered, just like in the real world. This isn't just opinion, but experience.Quote:
Fifth, the kind of people that I would be trying to keep out with a code that I up-front ADMITTED is not a serious deterrent to determined people are people with no knowledge, surfing the internet, trying to steal things only for their own gain. If someone asks me to use my code or my pictures, I'm probably happy to let them do it - but the idea of politeness, I.E. asking to use something, applies even over the internet! Yes, the net works just like the REAL WORLD! Imagine that.
I am afraid you are taking this far more extreme than it was ever meant to be. My opinion shows both sides, the reasons to guard the code and reasons to not guard the code. My final viewpoint was the consequences of both sides, and which consequence outweight the other. My opinion is no better nor worse, and I fail to see how you took it beyond that. No need to attack and search for things where I *may* sound forceful.Quote:
Sixth, and final: You're acting like yours is the only opinion that matters. Try to bring both sides of the matter into consideration instead of trying to shut down entirely the viewpoint you don't agree with. This should be an intelligent debate, not a back and forth of "I'm right, and nobody better argue".
This was quite unnessessary, and a personal insult. Please, remember that we can talk civil without insulting one another. I know his words well, and practice them just as well.Quote:
P.S. If, as your name suggests, you are aware of the teachings of the great Sun-Tzu, I suggest you consider applying his words to your posts a little more.
Thank you for this discussion, but it seems you have taken my words and thrown them into a much more darker view than what was written. Take care, and I hope we can reconcile as friends later on. :)
I offer my apologies. The comment about Sun-Tzu was not meant to be insulting, but I can see why you felt it so and I apologize for that.
I can see both sides of this situation, and there is merit in both.
I humbly set my pride aside to offer peace.
Regards,
SSJVegeta-Sei
Thank you and I agree, and I too shall set aside my pride for peace. :) It is because of the kindness in people like you that I an enjoying my time, however new, here.
Thank you all
Use ASP,or ASP.NET.
Good !