How to Protect .JS files from download

Forum Moderators: open

Message Too Old, No Replies

How to Protect .JS files from download

ShadowKnight

3:49 pm on Sep 11, 2003 (gmt 0)

I know how to protect my .js files from being used by another domain.

But I want to know how to protect my .js files from being downloaded from my html root. I saw this being talked about on a site but I forget what the site was. So can anyone help me out on this?

moltar

3:53 pm on Sep 11, 2003 (gmt 0)

You can't really protect it from download. You can minimize the chances by making sure that when the file is called the HTTP_REFERER is in place. That will protect from direct download. There are various ways to do that.

But this also has a downside. People that have referers turned off will not be able to use js in your pages.

You might want to look into scrambling js.

korkus2000

6:53 pm on Sep 11, 2003 (gmt 0)

You really can't protect it that well. Why are you concerned about it being downloaded?

g1smd

8:29 pm on Sep 11, 2003 (gmt 0)

Since the file gets cached in the hard drive of the computer that the browser is installed on, then there is no protection at all.

affter333

8:54 pm on Sep 11, 2003 (gmt 0)

check refer from being hotlinked.

use ms's script encoder if you dont want poeple to look.

gph

9:38 pm on Sep 11, 2003 (gmt 0)

Try using eval() or window['string'] to piece together window.location and the url the page is on. Then set the script up so that it only works on your page.

functional = window.location == 'myURL' ? 1 : 0;

If someone can figure it out they would probably be writing their own. If they can't, it won't work on any page but yours.

GeorgeGG

11:25 pm on Sep 11, 2003 (gmt 0)

About like what 'gph' said:

if(window!= top)
{
top.location.href = location.href;
}
if(document.URL.indexOf('http*//YourDomain/') == -1)
{
window.location="http*//YourDomain/";
}

GGG