Hello all, are there any good HTML encryption programs/scripts out there? It seems that all the ones I am coming across (free scripts) are easy to decode.

Most HTML encryption is very easy to decode because the algorithm to decode it is typically escaped in Javascript in the HTML page. Otherwise it would not be possible for the browser to display it. I wrote about this on my blog a few weeks ago after one webmaster tried to convince me that his 384 bit HTML encryption was unbreakable. (I was reading the "decrypted" source code of his webpage while replying to his e-mail.)

Many of these HTML programs just obfuscate the HTML source rather than encrypt it. This typically involves shifting every second character to the end of the file so that the "encrypted" HTML appears unreadable.

Real encryption is more complex and puts an added stain on the browser since it has to decode the HTML in order to render it. The other aspect of Javascript obfuscation is that it allows the webdeveloper to control what the user can do with the webpage - whether the page can be saved or printed etc. With simplistic HTML obfuscation, any professional or programmer can just rip through it or in some cases, even read the raw HTML without having the use the algorithm in the Javascript.

Regards...jmcc

What about this one that I found:

<snip>

[edited by: encyclo at 9:24 pm (utc) on July 19, 2005]
[edit reason] No product links please, see TOS [/edit]

Hello all, are there any good HTML encryption programs/scripts out there?

The short answer is no. If you are looking to "protect" your design, then you would be much better off using Java or Flash instead of HTML. You are pretty much shooting yourself in the foot with HTML encryption. A) You often annoy your visitors -- particularly those using Firefox. B) It will depend on JavaScript, which may be filtered or turned off. C) As McCormac pointed out, the decryption script must be supplied to the browser in order for it to render the page, making any encryption pointless as the "thief" has both the encrypted HTML and the "key" to decrypt it.

The remember the first rule of web design, if you don't want it "stolen," don't publish it to a website.

Additionally, the page cannot be indexed by search engines.

Encryption is a complete waste of time.

The search engines do spider and cache the pages. The cached pages will still display properly. However these encrypted pages do not do well in results because the only thing that the search engines have to go on is the meta data (which is typically not encrypted).

Encrypted pages have a downside. Sometimes pages with rather iffy content are encrypted but have seemingly legitimate metadata. This cloaking is a problem for search engines and if it becomes more widespread then many encrypted pages will get dropped from the search engine indices.

Regards...jmcc