Best Way to Keep Source Hidden

[Mp)Tarh]

Ok, here is what you do for the best possible defense against annoying source stealers -

First, add this to the page you want to protect or link your files to an external JS file:

<SCRIPT LANGUAGE="JavaScript">
<!--
document.oncontextmenu = function(){return false}
if(document.layers) {
window.captureEvents(Event.MOUSEDOWN);
window.onmousedown = function(e){
if(e.target==document)return false;
}
}
else {
document.onmousedown = function(){return false}
}

if (self.location == top.location)
{
top.location.replace("index.htm");
}
//-->
</SCRIPT>

After you have that, put your pages in a frames page (if you are worried people won't support frams then you are outta luck), and that will stop basic stealers.

There are still ways to view the source so, to stop that - 2 more steps.

To stop newbs put this at the top of every page or write it in with a server side script:

<!--------------------------------->
<!--------------------------------->
<!-- Information Secure -->
<!--------------------------------->
<!--------------------------------->
[ Add 2600 Enter Keys here]



Most people will close the window at first glance because on any resolution, the scrollbar is the smallest it goes.


And, for the final precaution, submit the sensitive part of your source code to the form in the following page.

http://www.angelfire.com/ny5/consigliere/encrypter.html

Happy Programming!

P.S this way is not foolproof, since data is stored on the clients computer in the temporary internet files folder, there is no true way to save your source code.

 

[crEA-tEch]

unless you use php scripts =)

 

[deadserious]

It's not possible to hide the source code that displays the html output to the browser. You can attempt to make it harder to get, but I think it's all really a waste of time because if someone really wants it they will get it.

The only thing you can really do is make your entire webpage an application that doesn't rely on a browser like an applet or something if you don't want anyone to be able to access any of your source code.

 

[Mp)Tarh]

Re: Best Way to Keep Source Hidden

Originally posted by Mp)Tarh
P.S this way is not foolproof, since data is stored on the clients computer in the temporary internet files folder, there is no true way to save your source code.

Just as I said above

 

[Tempest]

Your better off just stating that it is copyrighted in the top and bottom of the source code...

This will keep most people away, but as said above, if someone wants the code badly enough, they will take it anyways.

 

[Fallout_Multi.]

kinda off topic, but can you see the php code in the temp folder or wherever that stuff is stored?

 

[deadserious]

I'm not quite sure what you're saying, but you can't see the php code via your browser, however you can see it if you have access to view the actual files on the server side via ftp etc...

 

[Alpha]

Yeah PHP is serverside. It is executed and closed before it even gets to your browser.

 

[pistol]

back to the source code hiding, i feel, personally, that that is dirty. afterall, me, you, and your best friend barry all learned from source, and there's nothing really all that important in the source itself.

you can grab the html, javascript, css, and photos and little more. of any of these, the only one that i can find even a remote reason to want to keep out of other people's hands is the photos. if you're that worried about them, put a watermark on them, your url in a noticeable place, and a copyright. (even if you use a script to cover up your photos, there's always that pesky prnt scrn button.)

in closing, my icons still rock the casbah: :crabby: :angry: :confused2 :webdev:

 

[insomnia]

I accually encourage people to veiw my source code. It makes a good tutorial. All my source code is free to the public. I don't know. I was born and raised to the tune of the gnu or whatever freesource linux has. I hold that to everything I do. Not sure why. But yea if someone does take my layout I might be a lil pissed. But if they use the graphis that's where I draw the line. Hotlinks are delt with by law, that's right, law. And then people who upload the images to their server should watch out. I'm working with a friend to build a program to seach for data that matches the data you want. oh yes... It will be ultimate.

(so far the data search is in the lab being built, having trouble with making into a server app that anyone can run)

 

[RJ]

Can you get this guy's source code?

http://www.drpeterjones.com/hidden/hidden.html

 

[CatsEyeDesigns]

Yeah, I sure can. Here's a quick tip.... clear your browser cache. Reload a page, open the browser cache, and open the file you want to look at. Takes about 30 seconds. There is no way to "protect your html/javascript sourcecode" aside from irritating people.

And from a usability standpoint, you should never try to block the right click of a browser. That has got to be the biggest waste of time. I right click for a number of things on different webpages and when I see that stupid little popup that says "Copyrighted" or whatever, that usually only makes me want to take it even though I originally just right clicked to print an article, or open a new window or something.

Just my 2 cents.

 

[RJ]

Originally posted by CatsEyeDesigns
Yeah, I sure can. Here's a quick tip.... clear your browser cache. Reload a page, open the browser cache, and open the file you want to look at. Takes about 30 seconds. There is no way to "protect your html/javascript sourcecode" aside from irritating people.

Great tip. What about these programs that claim to encrypt your html or javascript?

 

[CatsEyeDesigns]

None of them REALLY encrypt anything because they include the encryption key in plain view for anyone with more than a fundamental knowledge of how a webpage works.

On another note, "encrypting" a webpage is dangerous because from what I've seen, it all relies on the uneccessary use of Javascript, which as you know, is disabled in 10-15% of all internet browsers. Prevent 1 out of 10 from being able to view your page so that you can prevent 1 out of 50 visitors from viewing your source code? Doesn't make any sense to me.

If you've got something that private, or valuable, the internet (in general) is not the right medium to publish it in the first place.

 

[Kodeking]

If you don't want people to steal:

Make a flash website!

 

[RJ]

Originally posted by Kodeking
If you don't want people to steal:

Make a flash website!

What about this now?

http://www.webdesigntalk.net/showthread.php?s=&threadid=15801

 

[Anthony]

Yeah, there are multiple Flash ripping programs out there now, as well.

 

[Zero-Life]

Originally posted by crEA-tEch
unless you use php scripts =)

uhhhhh, php codes are already hidden.

 

[nicholas]

there are many flash rippers/decoders out there already, some you can even get off sourceforge with ease.

Best way is to just obfuscate your code to give whoever's reading a hard time :D

But it'd probably be best to just let the source code be. As mentioned above, it may not really be a bad thing at all for people to see your source code. And if you really needed to hide it, the above methods would be good enough; although if you're dealing with more savvy users, there's no point in going through the trouble. Maybe just swallow hard and share it.

 

[rabid_nerd]

My favorite method du jour is to telnet to port 80

                               <!--

                                   Congratulations, you've found the source code
!

 Your mind is sharp. Your virtual limbs are strong. You've
                                                           attained a measure of
 wisdom to be able to solve this puzzle,
                                        my friend. You are now ready to hear wha
t I have to tell you.
                      You must tread the path of foolishness to become wise. The

 foolishness of hiding source code teaches a lesson of
                                                       futility. To gleefully fl
ail against the inevitable, to put
                                   aside the fact that File>Save Page As... defe
ats even the
             most cunning design with a simple stroke of the digital
                                                                     blade, is t
o face a a brick wall and pretend to beat your
                                               head against it, and when you're
done, to have learned all
                          the same lessons that you would have learned if you re
ally
     had beat your head against it, but without the discomfort and
                                                                   embarassment
of it all.

          Some tips for the road:

                                   1. To go directly to the source code of any w
eb URL,
             type the URL preceded by view-source: For example
                                                                    view-source:
[url]http://www.drpeterjones.com/[/url]
                              2. To discourage viewing of your JavaScript, place
     it in an external .js file and load it into the
                                                         page with the <script s
rc=""> method.
                3. One way for artists or photographers to discourage
                                                                           their
 copyrighted images from being saved is to
                                                embed the images in Flash. Remem
ber, it will only
                      discourage, not prevent.
                                                4. As mentioned above, File > Sa
ve Page As... will
                       Grab the source and any associated files of a web
                                                                              pa
ge and save the files to disk for easy viewing.

                                               -->

                                                  <html><head><title></title>

                                                                             <!-
- it redirects if you turn off JavaScript -->
                                             <noscript><meta http-equiv="refresh
" content="0;url=p.html"></noscript>

                                    <!-- you can't look at just this page. it al
ways jumps to frameset -->
                          <script language="javascript"><!--
                                                            if (top.frames.lengt
h == 0) top.location = "hidden.html";
                                     //--></script>

                                                   <style type="text/css"><!--
                                                                              /*
 'glass' is an image that layers over top of the doc,
                                                      giving the wrong context m
enu in some browsers. */
                        #glass{position:absolute;left:0;top:0;}


                                                               .big{font-size:70
pt;font-weight:bold;}
                     body{font-size:17pt;}
                                          --></style></head><body       bgcolor=
"#000000" text="#ffffff" link="#0000FF" alink="#FFFF00" vlink="#999999" topmargi
n="10" leftmargin="10" marginheight="10" marginwidth="10">
                                                          <script language="java
script"><!--

            // no explanation needed
                                    function disable_right_click(e) {
                                                                     var browser
 = navigator.appName.substring (0,9);
                                     var event_number = 0;
                                                          if (browser=="Microsof
t") event_number = event.button;
                                else if (browser=="Netscape")
                                                             event_number = e.wh
ich;
    if ( event_number==2 || event_number==3 )
                                             { alert ("Please..."); return (fals
e); }
     return (true);
                   }

                    // sniffs for key that activates context menus
                                                                  function check
_mousekey() {
             var mouse_key = 93;
                                var keycode = event.keyCode;
                                                            if ( keycode == mous
e_key )
       alert ( "Well, well... looks like somebody did their homework." );
                                                                         }

                                                                          // sel
f explanatory
             function trap_page_mouse_key_events() {
                                                    var browser = navigator.appN
ame.substring ( 0, 9 );
                       document.onmousedown = disable_right_click;
                                                                  if ( browser =
= "Microsoft" )
               document.onkeydown = check_mousekey;
                                                   else if ( browser == "Netscap
e" )
    document.captureEvents( Event.MOUSEDOWN );
                                              }

                                               // self explanatory
                                                                  window.onload
= trap_page_mouse_key_events;

                             // resizes glass.gif to cover entire screen
                                                                        if (docu
ment.body.clientWidth) {
                        var xxx = document.body.clientWidth;
                                                            var yyy = document.b
ody.clientHeight;
                 }
                  else if (window.innerWidth) {
                                               var xxx = window.innerWidth;
                                                                           var y
yy = window.innerHeight;
                        }
                         else {
                               var xxx = 2000;
                                              var yyy = 2000;
                                                             }
                                                              if (xxx < 481) xxx
 = 481;
       if (xxx < 292) xxx = 292;
                                document.write("<div id='glass'><img src='glass.
gif' width='" + xxx + "' height='" + yyy + "'></div>");
                                                       function relode() { locat
ion.reload(); }
               window.onresize = relode;

                                        // yet another event handler
                                                                    document.onc
ontextmenu = function() { return false; }

                                         //--></script>

                                                       <!-- actual page content
-->
   <font color="#ffffff">
                         <br><br><br>
                                     <div align="center">
                                                         <div class="big">Try to
 get it!</div>
              <br><br><b>
                         Snag that pesky source code.
                                                     </b>
                                                         </div>
                                                               </font>

                                                                      </body>
                                                                             </h
tml>

 

[Anthony]

Well, at least I learned something from this thread -- that view-source:http://www.whatever.com/ thing is useful in IE!

 

[aptimass]

Thanks for wasting my time RJ

:lol:

the hidden message was:

THE CAT SCREAMS AT MIDNIGHT

 

[Michau]

The view-source: trick works in Netscape as well... Wow!!!