Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Hiding HTML Source

Posted on 1998-02-16
Medium Priority
Last Modified: 2013-12-25
Is it possible to hide the Document Source from a user.  I've seen programs that push the source down many lines or to the right to hide it, but this does not take long to crack.  Is it possible to disable the View Document Source option as an alternative.  I'm happy to use Javascript to do this.  I once came across a page that when choosing this option it just reloaded the page.  I can't remember where this page is.
Question by:nivlem
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3

Accepted Solution

bigelos earned 400 total points
ID: 1857411
Sorry, it isn't possible.  Anybody who knows enough about viewing the source code knows that you can just disable java and javascript if they want to see your source code.

This is one of the catch 22's about having platform independent, client compiled programs.  The client gets to see your source code.

One of the things you can do to minimize people looking at your source code is to use javascript to open a new window (and disable the menubar in the process) so that the "view source" isn't even available.

<A HREF="#" onClick="window.open('URL','window_name','')">Enter</A>

Where URL is your html file, window_name is the name of your window, and '' defaults to the menu disabled.

Expert Comment

ID: 1857412
Actually, I should say that not everyone knows how to disable javascript and/or java, which is why I posted the above code.

Here are the full options for the window.open method:

window.open("new.html","newWindow","toolbar=yes, location=1, directories=yes, status=yes, menubar=1, scrollbars=0, resizable=0, copyhistory=1, width=200, height=200");

For above, 1=true, 0=false. Try 0 and 1 if yes and no don't work properly.

One method you could further hide your data would be for a javascript button to submit to a cgi script, and at the same time open up a "menubarless" browser window that the cgi script writes to.  This would prevent people from simply opening up the URL on their own.

Other methods I have seen employed only Java.  i.e. The only html used was to call the java applet, which was custom designed for the page and used to display the entire page.  I would not recommend this method, unless you want to forget entirely about html and focus instead on Java.

Author Comment

ID: 1857413
Once they see the URL in the original page, couldn't the user load this directly and then see the Source Code?  Or is there a way to make the parent window disappear after say opening the child window automatically?

Expert Comment

ID: 1857414
Use the "copyhistory=0" so that they can't push the back button.  You might be able to use a <body onLoad="parent.window.close"> to close it, but not all browsers support this method.  I'm sure if I've got the syntax right since I don't have a reference book here right now.  I'll check on it and get back to you.

Just thought of something else.  This can be tricky and will probably fool most people:

Instead of
<A HREF="#" onClick="window.open('URL','window_name','')">Enter</A>
<A HREF="dif_url" onClick="window.open('URL','window_name','')">Enter</A>

Where the dif_url is a document that for all intents and purposes looks exactly like the original document that called it, except for the fact that the onClick method doesn't exist anymore and the HREF takes the user to a different portion of your web.

Of course, now of these are fixes for the problem only patches.  There is no way to stop the person from using the old DOS based MOSAIC and grabbing everything from your site.  (If you enter a URL in this program and forget to type the 'index.html' at the end, it will just show you the directory structure, at which point most of your security is compromised.)

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

CTAs encourage people to do something specific to show interest in your company, product or service. Keep reading to learn why CTAs should always be thought of as extremely important, albeit small, sections of websites.
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question