homepage Welcome to WebmasterWorld Guest from 54.227.215.140
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
Forum Library, Charter, Moderator: open

JavaScript and AJAX Forum

    
Protecting your JavaScript
How can I do this.
fashezee

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 292 posted 7:01 pm on Mar 2, 2003 (gmt 0)

When using JavaScript to perform certain actions; I link the respective JavaScript file
to my HTML page as follows:

<SCRIPT language="JavaScript" type="text/javascript" src="http://www.somesite.com/java.js"></script>

However, I would like to prevent any user from downloading this file and viewing
the content. I have gone to some sites that have prevented me from downloading their
JavaScript file? How are they doing it? Also, is there away around it?

Does it have to the permissions assigned to the directory?

 

txbakers

WebmasterWorld Senior Member txbakers us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 292 posted 7:29 pm on Mar 2, 2003 (gmt 0)

I don't think it's possible. If it's in the path of the web browser, it can be grabbed.

If you have it in a protected directory, then a login window will appear everytime the page needs to access the script file.

bcc1234

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 292 posted 7:29 pm on Mar 2, 2003 (gmt 0)

There is no way to prevent people from downloading it.
In order for a browser to execute the script, the browser must first download it.

Some sites might do silly attempts to block the file, and it might work for non-savvy users, but there is no way to stop it.

<edit>sp</edit>

[edited by: bcc1234 at 7:30 pm (utc) on Mar. 2, 2003]

g1smd

WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 292 posted 7:29 pm on Mar 2, 2003 (gmt 0)

You have to remember how a browser works. It downloads all of the files that make up the page: the HTML, CSS, images, etc. It puts them in a special directory called the cache, which is on the hard drive of the user.

Another part of the browser then takes those files, reads them, and displays them on the screen. Since the files are stored on the users hard drive, anyone can just go to that directory and look at them from there. There is no way to stop this.

g1smd

WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 292 posted 7:31 pm on Mar 2, 2003 (gmt 0)

Whoa! Three people in agreement, all at the same time.

fashezee

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 292 posted 7:42 pm on Mar 2, 2003 (gmt 0)

The reason I would like to protect my JavaScript, is because I encoutered a site
that prevented me from downloading their JavaScript; is was not cached either.
I would like the same security on my site.

check your stickmails.

txbakers

WebmasterWorld Senior Member txbakers us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 292 posted 7:52 pm on Mar 2, 2003 (gmt 0)

It's not protected. Not at all. Here is the javascript from that file:

<snip - actual javascript removed>

Nothing to it.

[edited by: txbakers at 8:07 pm (utc) on Mar. 2, 2003]

g1smd

WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 292 posted 7:55 pm on Mar 2, 2003 (gmt 0)

You cannot protect it. It is always stored in the users cache on their hard drive, inside their computer.

macrost

10+ Year Member



 
Msg#: 292 posted 3:24 pm on Mar 3, 2003 (gmt 0)

I have found a nice utility that will actually encode the script, but that won't stop a person from using it if they know what the use of the script is.
It's called microsoft script encoder.

[msdn.microsoft.com...]

Mac

[edited by: korkus2000 at 4:03 pm (utc) on Mar. 3, 2003]
[edit reason] Fixed Link [/edit]

rcjordan

WebmasterWorld Senior Member rcjordan us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 292 posted 4:27 pm on Mar 3, 2003 (gmt 0)

>microsoft script encoder

There are more than a few decoders out there. In short, you can deter the casual copier but the ones who are intent upon getting the code will do so.

txbakers

WebmasterWorld Senior Member txbakers us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 292 posted 5:02 pm on Mar 3, 2003 (gmt 0)

I just downloaded and played with the WSE and it's fun. Although we noticed something funny with it. On plain HTML pages, the client scripts do indeed get encoded.

On ASP pages, the ASP code is encoded, but the client side script does not. Unless I'm doing something wrong.....

Did anyone else notice this?

macrost

10+ Year Member



 
Msg#: 292 posted 6:57 pm on Mar 3, 2003 (gmt 0)

Hmm, I've tried a asp page that has client script, and it encoded just fine for me.
Mac

RonPK

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 292 posted 6:26 pm on Mar 4, 2003 (gmt 0)

IIRC the encoder is a JScript-encoder, not a JavaScript-encoder. Pretty useless for the WWW, as there are other browsers around then IE.

Correct me if I'm wrong. This is what I remember from a couple of years ago.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved