Disable view source

How can I disable view- source in the menuber using javascript?I already tried disabling
right click in my web page but I can still view the source through the menubar.pls help...

tnx in advance!

troa
troaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

scoop7Commented:
Hey troa

Unfortunately the viewing of a source is a function of the browser, it needs to read it so the user will also be able to read it. However, there are ways of making it more difficult for users to read your source. Below is a link to a site that further explains and supports what I have said here, good luck...

http://www.devwebpro.com/devwebpro-39-20030428Is-Someone-Stealing-Your-Source-Code.html

Thanks
amit_gCommented:
Isn't it the same question?

http://www.experts-exchange.com/Web/Q_20661693.html

Asking it again in different TA will not change the answer :) This question has been asked thousand times and the answer has always been the same but you don't believe when someone says "You can't do it".  Ok read these

http://www.experts-exchange.com/Web/Web_Languages/JavaScript/Q_20525161.html
http://www.experts-exchange.com/Developer/Web/Web_Languages/JavaScript/Q_20097257.html
http://www.experts-exchange.com/CXO/Web/Web_Languages/HTML/Q_20619256.html

and probably the best one

http://www.experts-exchange.com/Developer/Web/Web_Languages/HTML/Q_20089707.html
Price Your IT Services for Profit

Managed service contracts are great - when they're making you money. Yes, you’re getting paid monthly, but is it actually profitable? Learn to calculate your hourly overhead burden so you can master your IT services pricing strategy.

centaxCommented:
The best you can do is encrypt it.. you can do a search on google for a free encrypter. That way once viewed it wil llook like %%%0540%%%page%%%798.. but there are still ways for experienced surfers to still see your code. (or uncrypt it)

Or you can use a loading iframe, which is difficult if you're not familiar with those sorts of things.. if you just want to make it difficult for drive by theives, encrypting it is your best bet (but be  sure to keep an html backup)
centaxCommented:
*iframes will not disable the view source.. only make it harder to view. As said before, it IS impossible (at this time) to disable the view source.

Using disable right-click is more of an annoyance than a useful tool,a lot of people like to right click to open fresh pages to keep the main page at hand.
jaysolomonCommented:
I want to know what your doing in your code that noone else has done that is so special that you do not want us to see it?

Or

is it that you are ashamed of the way you code your pages and scripts?
centaxCommented:
haha!

when i recently redid my website i was attempting the same thing, a lot of amateur web-designers like taking things from my site so i thought it would be nice to prevent them from doing so.

but, you can always put a tag like this where its clearly seen:
<---------YOUR IP HAS BEEN LOGGED, DONT BE LAME AND STEAL MY CODE------->

you dont realize until long after your quest and people telling you, you cant stop them... do you realize what a waste of time the view source prevent really is.

if someone wants something badly enough, all they have to do is file > save as to your page and they have everything at their fingertips. for encryptions there's always a reverse, so you're really better off not wasting any time doing so. Just make your html look sloppy and hard to read, no one will want anything to do with it :)
jaysolomonCommented:
>>>but, you can always put a tag like this where its clearly seen:
<---------YOUR IP HAS BEEN LOGGED, DONT BE LAME AND STEAL MY CODE------->

This would be ok if IP addy's were acurate.

Since there are routers, etc then a IP won't do any good.


But you are correct as everyone else is "IT AIN'T GONNA HAPPEN" so close this Question
centaxCommented:
If someone is lame enough to steal a source code, often times the "YOUR IP..." will scare them off.
jaysolomonCommented:
jaysolomon - NOT SCARED :>)
Saqib KhanSenior DeveloperCommented:
Simple answer would be "LET IT GO SPARKY"

hahahahahh

so many comments and jaysolmon is does not this idea at all about hiding Source code, Well I agree.

no matter what you do there is always a way to get the code and Steal images.

By the way from my site people keep stealing images is there a way so if someone tries to save a image window pop menu should show it as a fake extension such as "BMP". I saw sites like priceGrabber.com doing it if you try to steal their image.

and Can we generate FAKE IP address to trick someone, as you guys mention to scare someone via Ip threat?


Follow the links above if you really want to hide the source code:).
centaxCommented:
If it's about stealing images only... having a popup go to an html and place the image inside the html box with no toolbars or anything, and disable right click is another method to SLOW THEM DOWN... it won't defeat them.

Often times youll find, the more you try to prevent people from taking something, the more they'll take it. Just because.
jaysolomonCommented:
>>>so many comments and jaysolmon is does not this idea at all about hiding Source code, Well I agree.


could you retype this in english? ;))))
Saqib KhanSenior DeveloperCommented:
oops sorry jay, My bad


here let me write the replace function :)

str.replace(so many comments, and jaysolman does not like this idea about hiding the source code at all, Well i agree)

centrax i was talking about MIME settings, something like that i saw few sites doing it.

jaysolomonCommented:
<script>

alert('Thank you adilkhan')

</script>
COBOLdinosaurCommented:
If you search this site, i expect you will get a couple of hundred hits on this.  None of them contains anything that work.  If you search the Internet you will find thousands of solutions that you can buy, and none of them work either; and they won't give you back your money when you find that out.

Here is a cute little link about this: http://www.vortex-webdesign.com/help/hidesource.htm

I don't mean to be offensive but I have to ask this:  What makes you think that you have anything worth stealing?  If you are so new at this that you still don't understand that the source is downloaded to the user's computer and they have control of it; what make you think you have coded something that has not already been done hundreds of times?

Anyway suit yourself you can spend the next thousand years trying to find a solution, or you can move on to something more productive;  because there is nothing that can prevent a user who wants your source from getting it.

Cd&
encryptedbugCommented:
<head>
<script language="javascript">
function disable()
{
if (event.buton==2) then
{alert("MESSAGE HERE") }
}
end function
</script>
</head>
<body onmousedown="disable()">

or

<body oncontextmenu="return false">
Craiga-usCommented:
<script>
  document.oncontextmenu=function(){ return false; }
</script>
COBOLdinosaurCommented:
ROTFL... in every one of these thing we get these lame scripts to diable right click an the contextmenu.... but in this one we get to scratch our head and wonder how there is also an apparent inability to read the question.  Perhaps they just don't know the difference between right click and the menu bar.

Sorry if that offends you, but when you kiddie forum nonsense on a professional site you are going to get laughed at.

Cd&
cneelusCommented:
gegegeCommented:
the only things that scripts which try to stop people getting at the source is annoy them and make them more determined.  at least it does me ;)
rafa_Commented:
no.
jaysolomonCommented:
ROTFLMAO

Please close this Question before i have a stroke, laughing so hard.
troaAuthor Commented:
i've seen a page that disabled the view source in the menu bar (i forgot the address).
i just want to know how they did that and try it on my site to have some fun.
not much for security.

troa:)
brunoCommented:
troa,

no, you didn't.

i promise.

you didn't.


maybe your cache was full and your browser wouldn't open the source.  i PROMISE, whatever it was that was stopping you from opening the source was a function of some bug on YOUR MACHINE, not the web page.

you CAN NOT HIDE THE SOURCE.  The source is ALREADY ON THE CLIENT COMPUTER.  Even if you COULD disable the menu bar, you can always look in your brower's cache to find it.

If you don't want the user to be able to find the source through the menu bar, take away the menu bar.

Of course, they can always do it through the address bar....oh, didn't know that?

Of course, they can always just save the page to their computer....oh wait, it's already on there??



YOU CAN'T DO THAT.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
brunoCommented:
Cd&,

You should do new PAQ builders now that you can split points..
http://www.experts-exchange.com/Web/Web_Languages/HTML/Q_20661699.html


bruno
COBOLdinosaurCommented:
Yeah, probably a good idea; once somethings get settled down.

Cd&
jaysolomonCommented:
Can i participate in the PAQ Builder :>)
brunoCommented:
troa,

sorry it's not quite the answer you were looking for....


bruno
Patch_sdCommented:
ok, i'm a noob here.. all i know is simple html...

if you write your website in code... the if..then code... (sorry once again.. kinda a noob)
wont that hide the code? because the code is server side.. and sends the VIEW SOURCE as html...
the only thing the person will see is an image, a table... etc... they wont see the if.. then... which is the main part and working end of the code.

am i wrong here?  or did i ramble and confuse everyone?


and i disable right click... because the bigger noobs (those worse then me) will stop at that.. they wont figure out the menu bar.. so you do stop some.. lol
brunoCommented:
patch,

no you are correct.  you can hide the server side functionlity behind your site.  but for some reason, people feel they want to actually hide the source of their site...
Patch_sdCommented:
cant do that.. even i know that :)

thanks for letting me know i was on right track about that code brunobear.

ofcourse, i dont know how to do that yet... any book recommendations? i can read it... but not write it.. :(
rayray120497Commented:
I am here because I want to know how it can be done.
Right, it can be done.
At least, I see it works in Ameritrade website.
I can right click and see the full context menu, but only the "View Source" option is greyed out.
When I click "View" from the browser menu, the "Source" option is greyed out too.
I don't know how it is done, but it is possible.
For you information, I am using IE 6.0, not sure if it behave the same way in other browser or not.
rayray120497Commented:
Just a few more observations from Ameritrade website.
When I click the browser's "File" menu, the "Save" option is greyed out, too.
Although "Save As" is still enabled, when I clicked it, I got this warning:
"This web page may not save correctly. Would you like to save it anyway?"
Again, I am using IE 6.0.
brunoCommented:
rayray, you don't believe the answer provided here?


find me ANY webpage where the SAVE option is NOT grayed out.

If you have questions about this however, please open your OWN question, and do no piggyback onto someone else's question.  
jaysolomonCommented:
rayray


when you get to a page that is so called disabled, type this in the address bar

javascript:alert(document.body.parentNode.innerHTML)

you will see all the source

also brunobear is correct
brunoCommented:
interesting jay...i'd prefer

view-source:http://www.experts-exchange.com/Web/Web_Languages/HTML/Q_20661699.html#10402525

though as you can scroll...  :-)
COBOLdinosaurCommented:
Bruno the trouble with that is that it gives you the raw source.  If the actuallcode is generated by an applet or other executable, the all you see with view source is the applet or object tag.  I prefer to use:

javascript:str=document.documentElement.innerHTML;document.write('<textarea rows=20 cols=60>'+str+'</textarea>');

That way it is in a nice textarea reay to be cut and pasted.

Cd&
brunoCommented:
hmm doing that on this page still leaves some of the page behind...
COBOLdinosaurCommented:
That is rather interesting.  It looks like the complex table setup breaks somewhere along the way. The only  time I've seen that is when there is a second HTML tag, like you get from some of the ad servers.  I don't have time to play with it now but... I'll put it in my "curious" folder.

Cd&
brunoCommented:
:-)
_aRCommented:

Troa,
         Disabling the sorce of the file is function of the browser's toobar that's why you can't disable it. What you've seen is maybe the restriction of the system administration on that particular HTML editor such as notepad or wordpad...
                                                        _aR
MikeFairbrotherCommented:
Hi, I Have Even Seen A Site Where If You Click View It Has View Source Blocked Out & Yes, it Can BE Done
brunoCommented:
Hi Mike,

I just want to thank you for dropping by here and letting all of us EXPERTS know that we are wrong.

Even though this is what many of do for a living, even though we've answered this question many times, done research on it, I am SO very glad you stopped by here to let us know how wrong we all are!



bruno
normanspearsCommented:
It's possible that MikeFairbrother has a problem with his cache: try clearing it out. Check out http://www.webmasterworld.com/forum10/3362.htm or http://www.experts-exchange.com/Web/Browser_Issues/Q_20931523.html. This is the only way (short of installing malware/BHOs/spyware etc that messes with your browser settings/toolbars) that I've found that will disable the view source capabilities. In short, it's a function of your cache, not the web designer's code, that greys out those features. Adobe Reader can grey out stuff too, actually: but that requires you to install their product. But basically, the browser has to be able to see the HTML, otherwise it won't render...

I saw a couple of other ways to read the source too at http://forums.devshed.com/archive/t-49264:

Mozilla bookmark:

javascript:window.open('about:blank').document.write('<pre>' + unescape((new XMLSerializer()).serializeToString(document).replace(/</g, '&lt;')) + '</pre>')

IE favorite:

javascript:window.open('about:blank').document.write('<pre>' + document.documentElement.outerHTML.replace(/</g, '&lt;') + '</pre>')
rayray120497Commented:
Here is what I've found out.

When viewing pages from HTTPS website using IE 6.0+, the View Source action is DISABLED.

It is a security feature of newer IE.

However, even it is disabled, I can still use the JAVASCRIPT that a few of you have posted above to see the source.
normanspearsCommented:
That's weird, I just went to my banking site, which is HTTPS, and could see the view source in the drop down AND the context menu just fine. I'm running a fully patched XP Pro SP2, IE 6 with 128 bit encryption.

Are you sure YOU don't have to empty your browser cache, too?
brunoCommented:
>>It is a security feature of newer IE.


No, it's not.


Why won't you people listen???  There is no way to block the view source - even if this was a "security feature," which it's not, you could always view the source of the page somehow or other.

IT IS SIMPLY NOT POSSIBLE TO STOP PEOPLE FROM SEEING YOUR SOURCE.


Can we END this discussion now?  This is question that is almost a year old and we don't need to spam it anymore - if anyone here wants to continue the discussion, please open a new thread - feel free to post the link here.  If the discussion here continues however, I'll be forced to bring administration into it.....


Thanks,


bruno
MikeFairbrotherCommented:
Listen, "Bruno The Dog" Or Whatever You Are, I Have Emailed Microsoft About This Issue And Have Been Sent A Reply, It IS Possible To Disable The Source Code Button But You Need A Legal Copyright And Priveladges From Microsoft (A Certain & Special Code Implimented Within Your Site) To Disable The Button!

Now Go Get Back In Your Kenal, And Stop Shouting At Everyone Like You Know It All!


--
brunoCommented:
and will that help in Mozilla, Opera, Safari?

I will alert CS to the situation here. You have been asked nicely to take the discussion elsewhere instead of cluttering up a year old thread.


bruno
PrebenJensenCommented:
Ok maybe it cant be done

But Please explain this: weblockpro.com/home.php. They do it

Preben Jensen
brunoCommented:
Hi Preben and others,

If anyone has any other questions on this topic, please ask a new question as COBOLdinosaur has stated.

Here is the link to ask a new question:
http://www.experts-exchange.com/Web/Web_Languages/HTML/askQuestion.jsp

Post a link to your new question here, and I will gladly show you how easy it is to see the source of that WebLockPro site....but please, no more discussion here.


bruno
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
HTML

From novice to tech pro — start learning today.