homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
Forum Library, Charter, Moderator: open

JavaScript and AJAX Forum

Right Click Protection
using JavaScript for IE

 12:17 pm on Feb 6, 2002 (gmt 0)

Does anybody know of a script where when you right click on a document nothing happens. Normally you would get the Right Click menu with 'View Source' etc and the following script prevents it by showing an alert instead (IE only).

function rightClick()
if (event.button == 2 event.button == 3 event.keyCode == 93)
alert("Some message");
return false;
return true;


Ideally though I'd like to prevent access to the right menu but just have nothing happen instead of the alert - I can't seem to get it to work though. I only need this for IE5+, any ideas anybody?

I know these scripts are far from fool proof... but we like the idea of making things just that tiny bit more difficult;)



 1:29 pm on Feb 6, 2002 (gmt 0)

Hey Joshie:

The no Right Click is a gimmick at best and an annoyance at worst.

Even web users witha little savvy can go to the View Menu to view source.

What I've seen (and I can't find it now that I'm looking for it!) is a view source that would have about 60 blank lines at the top of the source code, so it looks like the "source" is blank. Of course if someone were to scroll down they'd see the code.

I'm resigned to having my code looked at. That's what I like about server side ASP and such - that gets hidden.


 1:37 pm on Feb 6, 2002 (gmt 0)

check your sticky



 1:39 pm on Feb 6, 2002 (gmt 0)

Hmmph, The reasons are complicated: In truth, one of the main reason we've disabled the right menu is that the application we're developing has required us to remove the browser controls (back/forward/refresh which also feature in the right-click menu*). I will stress now that this is not a web-site we're working on but a web application - we have our reasons, you'll just have to trust me.

Got any ideas on how I can get that right click without popup?

*I'm aware that people can use keyboard shortcuts etc...


 2:05 pm on Feb 6, 2002 (gmt 0)

Joshie - first - some moral support, I too have written apps (not sites) that have disabled back and forward browser navigation. Signup wizards and the like. Popup new window - and do a series of steps ... lots of work to keep checking if a particular event has already happened and what the user is expecting to see.

It is possible to get round all of this with some complicated page and session management code but often the additional effort isn't justified.

Now for something hopefully more useful ;)


Works for IE, Netscape (<6). But won't work for Opera, Mozilla etc etc.


 10:03 am on Mar 4, 2002 (gmt 0)

Cracked it...

<body oncontextmenu="return false;">

This stops the popup and you don't have to have an alert (IE Only).


 11:35 pm on Mar 4, 2002 (gmt 0)

I can understand you not wanting someone to plagerise(spelling) your site, but is it really that big of a deal if someone's looking at your source? I know for me when I first started HTML viewing others source codes helped me tremendously. Are there other reasons for not wanting the source to be viewed?


 1:05 am on Mar 5, 2002 (gmt 0)

disabling right click is a bad move ... don't do it unless you really have to ...
and if you have to, then maybe HTML aint the right way to do what you want ... maybe Flash (as much as i despise it) would be a better solution ...


 9:23 am on Mar 5, 2002 (gmt 0)

As I menthioned above, it's for an application - not a website. It's not so much about disabling the view source option as disabling the back option. I wouldn't remove the right menu from an internet facing website.

It's a huge data management application - I don't fancy writing it in Flash!


 1:19 pm on Mar 6, 2002 (gmt 0)

The harder the source is to view? The more I want to view it.


 1:25 pm on Mar 6, 2002 (gmt 0)

... and the more aware you'll be that you'll be infringing copyrights if you steal the pictures/code.


 1:44 pm on Mar 6, 2002 (gmt 0)

If it's a huge data management app, then it must rely on some type of server side coding (ASP/JSP/PHP) and that code - the real meat of your app - is not visible to the user.

Let them see the HTML all they want - it still doesn't reveal the database structure or the SQL commands being used, or your nifty techniques.


 2:46 pm on Mar 6, 2002 (gmt 0)

Actually, there is an awful lot of clever code on the client but not that I mind them looking at it (and nothing that would risk security). In this case the right menu was disabled to discourage it being used for back, forward and refresh (too complicated to go into now).

OK - look - I've never used right click protection to stop people from viewing my source. Never, ever.

Though I do think if you have, say, some images that are precious to you and you want to put them on the internet but don't want them ripped off then a little 'reminder' does no harm. This way you don't have to disfigure the image with a watermark and someone taking it is fully aware that you'll be miffed when they do...


 6:03 pm on Mar 6, 2002 (gmt 0)

I like the trick of putting an HTML comment at the top of the source page, then inserting 60 or so blank lines before the actual source begins.

Another deterrent to the uninitiated.

Purple Martin

 3:50 am on Mar 7, 2002 (gmt 0)

I can understand why people find turning off the right-click menu an annoyance, and it isn't something I'd normally do.

However, there is the occaisional situation where it is an appropriate thing to do. Coincidentally, I've just been working on an assessment application for one of the high-street banks (IE 5.5 only - bliss!). As staff career prospects are linked to their performance in the assesment, it's important to hide answer information from them. Most of this is done by using ASP, but I've still disabled the usual right-click menu for extra security (I'm actually providing a custom menu instead). One other thing - the application is presented in a full-screen chromeless browser window, so there's no View menu available.


 6:47 pm on Mar 7, 2002 (gmt 0)

Images you don't want copied can be layered over with a tranparent .gif of the same size. Let them right click away and steal the transparent .gif file.


 9:43 am on Mar 8, 2002 (gmt 0)

Clever Nell! - that would really throw you for a while wouldn't it!


 10:28 am on Mar 8, 2002 (gmt 0)

Yes, clever, but not perfect. I haven't seen anything yet that would stop anyone "stealing" your pictures by taking a screenshot of them.

I do understand though that for some occasions there is a need to hide whatever can be taken or seen by using the functions in the context-menu.


 10:46 am on Mar 8, 2002 (gmt 0)

If you really want to protect your scripts and your audience is IE5+ you can always use the MS Script Encoder:


Though this isn't bullet proof either - just an extra level.

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved