nivlem
asked on
Hiding HTML Source
Is it possible to hide the Document Source from a user. I've seen programs that push the source down many lines or to the right to hide it, but this does not take long to crack. Is it possible to disable the View Document Source option as an alternative. I'm happy to use Javascript to do this. I once came across a page that when choosing this option it just reloaded the page. I can't remember where this page is.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Once they see the URL in the original page, couldn't the user load this directly and then see the Source Code? Or is there a way to make the parent window disappear after say opening the child window automatically?
Use the "copyhistory=0" so that they can't push the back button. You might be able to use a <body onLoad="parent.window.clos
Just thought of something else. This can be tricky and will probably fool most people:
Instead of
<A HREF="#" onClick="window.open('URL'
use
<A HREF="dif_url" onClick="window.open('URL'
Where the dif_url is a document that for all intents and purposes looks exactly like the original document that called it, except for the fact that the onClick method doesn't exist anymore and the HREF takes the user to a different portion of your web.
Of course, now of these are fixes for the problem only patches. There is no way to stop the person from using the old DOS based MOSAIC and grabbing everything from your site. (If you enter a URL in this program and forget to type the 'index.html' at the end, it will just show you the directory structure, at which point most of your security is compromised.)
Just thought of something else. This can be tricky and will probably fool most people:
Instead of
<A HREF="#" onClick="window.open('URL'
use
<A HREF="dif_url" onClick="window.open('URL'
Where the dif_url is a document that for all intents and purposes looks exactly like the original document that called it, except for the fact that the onClick method doesn't exist anymore and the HREF takes the user to a different portion of your web.
Of course, now of these are fixes for the problem only patches. There is no way to stop the person from using the old DOS based MOSAIC and grabbing everything from your site. (If you enter a URL in this program and forget to type the 'index.html' at the end, it will just show you the directory structure, at which point most of your security is compromised.)
Here are the full options for the window.open method:
window.open("new.html","ne
For above, 1=true, 0=false. Try 0 and 1 if yes and no don't work properly.
One method you could further hide your data would be for a javascript button to submit to a cgi script, and at the same time open up a "menubarless" browser window that the cgi script writes to. This would prevent people from simply opening up the URL on their own.
Other methods I have seen employed only Java. i.e. The only html used was to call the java applet, which was custom designed for the page and used to display the entire page. I would not recommend this method, unless you want to forget entirely about html and focus instead on Java.