Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How to prevent users from viewing HTML source code
- Thread starter minonees
- Start date
This works but it's kind of a pain. In your initial page, refer to the page you want to show but hide the source to as a javascript file:
<script type="text/javascript" language="JavaScript" src="test2.cfm"></script>
In the second page (test2), encapsulate every line of HTML with the document.write command:
document.write("This Is Test 2"
;
You can use CF to dynamically build this second page:
document.write("<cfset x = 'This Is Test 2'><cfoutput>#x#</cfoutput>"
When the user looks at the source to the first page, all they will see is the call to the second. The problem is that they will see the file name for the second page and could type it into the browser but you may able to use GetTemplatePath or something to make sure they aren't peeking.
<script type="text/javascript" language="JavaScript" src="test2.cfm"></script>
In the second page (test2), encapsulate every line of HTML with the document.write command:
document.write("This Is Test 2"
;You can use CF to dynamically build this second page:
document.write("<cfset x = 'This Is Test 2'><cfoutput>#x#</cfoutput>"
;When the user looks at the source to the first page, all they will see is the call to the second. The problem is that they will see the file name for the second page and could type it into the browser but you may able to use GetTemplatePath or something to make sure they aren't peeking.
minonees,
I dont' think you can prevent users from viewing your HTML source.
IE's View Source command does not display HTML generated by document.write(..) but Netscape 4 does (I find this useful for debugging).
The user can always save the page and analyse it at leisure.
Even if you manage to disable these facilities, a smart user can find the code in the browser's cache directory.
The same goes for Javascript - I've seen "How can I protect my Javascript?" on dozens of forums and the answer is always "You can't".
Why bother about HTML source? The clever stuff you really want to safeguard is likely to be your CF code. If your server requires a password for FTP and you take good care of your password, your CF source should be pretty safe.
I dont' think you can prevent users from viewing your HTML source.
IE's View Source command does not display HTML generated by document.write(..) but Netscape 4 does (I find this useful for debugging).
The user can always save the page and analyse it at leisure.
Even if you manage to disable these facilities, a smart user can find the code in the browser's cache directory.
The same goes for Javascript - I've seen "How can I protect my Javascript?" on dozens of forums and the answer is always "You can't".
Why bother about HTML source? The clever stuff you really want to safeguard is likely to be your CF code. If your server requires a password for FTP and you take good care of your password, your CF source should be pretty safe.
- Thread starter
- #4
Alright Philcha,
I just wanna know how to hide the source code 'cos I wanna know. You should know that it's possible to disable the View > Source menu of the IE, but so far I don't know how. If you wanna make sure, just visit room33.com, login (you should login to see), and try to view the source code. You'll be surprised 'cos you won't be able to see any piece of code.
Thanx for payin' attention.
I just wanna know how to hide the source code 'cos I wanna know. You should know that it's possible to disable the View > Source menu of the IE, but so far I don't know how. If you wanna make sure, just visit room33.com, login (you should login to see), and try to view the source code. You'll be surprised 'cos you won't be able to see any piece of code.
Thanx for payin' attention.
Hey everyone can settle down,
I figured out how they did it.
It's JAVA (Which means out of my league)
If you try it from Netscape the html is visible and if you turn off the Java on IE the html is visible. So without devoting the rest of my life to it I can confidently say it is a Java thing.
Hope everyone gets better sleep.
I figured out how they did it.
It's JAVA (Which means out of my league)
If you try it from Netscape the html is visible and if you turn off the Java on IE the html is visible. So without devoting the rest of my life to it I can confidently say it is a Java thing.
Hope everyone gets better sleep.
- Status
Similar threads
- Locked
- Question
- Locked
- Question