I don't think it's possible. If it's in the path of the web browser, it can be grabbed.
If you have it in a protected directory, then a login window will appear everytime the page needs to access the script file.
There is no way to prevent people from downloading it.
In order for a browser to execute the script, the browser must first download it.
Some sites might do silly attempts to block the file, and it might work for non-savvy users, but there is no way to stop it.
[edited by: bcc1234 at 7:30 pm (utc) on Mar. 2, 2003]
You have to remember how a browser works. It downloads all of the files that make up the page: the HTML, CSS, images, etc. It puts them in a special directory called the cache, which is on the hard drive of the user.
Another part of the browser then takes those files, reads them, and displays them on the screen. Since the files are stored on the users hard drive, anyone can just go to that directory and look at them from there. There is no way to stop this.
Whoa! Three people in agreement, all at the same time.
I would like the same security on my site.
check your stickmails.
Nothing to it.
[edited by: txbakers at 8:07 pm (utc) on Mar. 2, 2003]
You cannot protect it. It is always stored in the users cache on their hard drive, inside their computer.
I have found a nice utility that will actually encode the script, but that won't stop a person from using it if they know what the use of the script is.
It's called microsoft script encoder.
[edited by: korkus2000 at 4:03 pm (utc) on Mar. 3, 2003]
[edit reason] Fixed Link [/edit]
>microsoft script encoder
There are more than a few decoders out there. In short, you can deter the casual copier but the ones who are intent upon getting the code will do so.
I just downloaded and played with the WSE and it's fun. Although we noticed something funny with it. On plain HTML pages, the client scripts do indeed get encoded.
On ASP pages, the ASP code is encoded, but the client side script does not. Unless I'm doing something wrong.....
Did anyone else notice this?
Hmm, I've tried a asp page that has client script, and it encoded just fine for me.
Correct me if I'm wrong. This is what I remember from a couple of years ago.