txbakers
msg:1493958 | 7:29 pm on Mar 2, 2003 (gmt 0) |
I don't think it's possible. If it's in the path of the web browser, it can be grabbed. If you have it in a protected directory, then a login window will appear everytime the page needs to access the script file.
|
bcc1234
msg:1493959 | 7:29 pm on Mar 2, 2003 (gmt 0) |
There is no way to prevent people from downloading it.
In order for a browser to execute the script, the browser must first download it. Some sites might do silly attempts to block the file, and it might work for non-savvy users, but there is no way to stop it. <edit>sp</edit> [edited by: bcc1234 at 7:30 pm (utc) on Mar. 2, 2003]
|
g1smd
msg:1493960 | 7:29 pm on Mar 2, 2003 (gmt 0) |
You have to remember how a browser works. It downloads all of the files that make up the page: the HTML, CSS, images, etc. It puts them in a special directory called the cache, which is on the hard drive of the user. Another part of the browser then takes those files, reads them, and displays them on the screen. Since the files are stored on the users hard drive, anyone can just go to that directory and look at them from there. There is no way to stop this.
|
g1smd
msg:1493961 | 7:31 pm on Mar 2, 2003 (gmt 0) |
Whoa! Three people in agreement, all at the same time.
|
fashezee
msg:1493962 | 7:42 pm on Mar 2, 2003 (gmt 0) |
The reason I would like to protect my JavaScript, is because I encoutered a site
that prevented me from downloading their JavaScript; is was not cached either.
I would like the same security on my site. check your stickmails.
|
txbakers
msg:1493963 | 7:52 pm on Mar 2, 2003 (gmt 0) |
It's not protected. Not at all. Here is the javascript from that file: <snip - actual javascript removed> Nothing to it. [edited by: txbakers at 8:07 pm (utc) on Mar. 2, 2003]
|
g1smd
msg:1493964 | 7:55 pm on Mar 2, 2003 (gmt 0) |
You cannot protect it. It is always stored in the users cache on their hard drive, inside their computer.
|
macrost
msg:1493965 | 3:24 pm on Mar 3, 2003 (gmt 0) |
I have found a nice utility that will actually encode the script, but that won't stop a person from using it if they know what the use of the script is.
It's called microsoft script encoder. [msdn.microsoft.com...] Mac [edited by: korkus2000 at 4:03 pm (utc) on Mar. 3, 2003]
[edit reason] Fixed Link [/edit]
|
rcjordan
msg:1493966 | 4:27 pm on Mar 3, 2003 (gmt 0) |
>microsoft script encoder There are more than a few decoders out there. In short, you can deter the casual copier but the ones who are intent upon getting the code will do so.
|
txbakers
msg:1493967 | 5:02 pm on Mar 3, 2003 (gmt 0) |
I just downloaded and played with the WSE and it's fun. Although we noticed something funny with it. On plain HTML pages, the client scripts do indeed get encoded. On ASP pages, the ASP code is encoded, but the client side script does not. Unless I'm doing something wrong..... Did anyone else notice this?
|
macrost
msg:1493968 | 6:57 pm on Mar 3, 2003 (gmt 0) |
Hmm, I've tried a asp page that has client script, and it encoded just fine for me.
Mac
|
RonPK
msg:1493969 | 6:26 pm on Mar 4, 2003 (gmt 0) |
IIRC the encoder is a JScript-encoder, not a JavaScript-encoder. Pretty useless for the WWW, as there are other browsers around then IE. Correct me if I'm wrong. This is what I remember from a couple of years ago.
|
|
