Solved

Prevent Saving Pics on Websites

Posted on 2004-09-25
38
327 Views
Last Modified: 2013-11-19
Can someone please tell how to code it so that you can post a picture but it isn't possible to right click and save the pic.
0
Comment
Question by:Borath
  • 12
  • 7
  • 7
  • +5
38 Comments
 
LVL 3

Expert Comment

by:pulupul
Comment Utility
Security and content protection in browser side does not exist. But you can do some tricks for unexperienced users not to be able to copy the content. What comes to my mind in this case is to use the picture as a table background. Anyway, using the print screen key will always override any protection.
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
There is a saying that goes something along the lines of if you don't want people to download your pages contents don't put them online.

This is quite true, you can try any number of prevention methods you like such as disabling the right click (which is completely pointless and a little annoying from the users perspective - Firefox can also specifically override as can any browser that can disable JS). but nothing will work as there is always a work around.

As pulupul there is print screen, and even easier then that there is the temp internet files, remember everything that you view on the web is downloaded into the temporary internet files and each of these files, including images, can be copied out of this folderand moved to a permanent storage location.
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
You might want to look at this page which some what covers what you want

http://www.javascripter.net/faq/rightbu2.htm

But as said above there are always work arounds.
0
 
LVL 1

Expert Comment

by:manuel2004
Comment Utility
here's some code that i've used

function disable_right_click ()
      {
            // GET THE BROWSER TYPE
            var browser = navigator.appName.substring ( 0, 3 );

            var event_number = 0;

            if ( browser == "Mic" )
                  event_number = event.button;
            else if ( browser == "Net" )
                  event_number = 2;

            if ( event_number == 2 || event_number == 3 )
                  {
                  alert ( "Right Mouse Button Is Disabled" );
                  return ( false );
                  }

            return ( true );
      }


      function check_mousekey ()
      {
            var mouse_key = 93;
            var keycode = event.keyCode;

            if ( keycode == mouse_key )
                  alert ( "Mouse Key Is Disabled" );
      }


      function trap_page_mouse_events ()
      {
            // GET THE BROWSER TYPE
            var browser = navigator.appName.substring ( 0, 3 );

            if ( document.images )
                  {
                  for ( var pic=0; pic<document.images.length; pic++ )
                        document.images[pic].onmousedown = null;
                  }

            // SEQUENCE FOR MICROSOFT BROWSERS
            if ( browser == "Mic" )
                  {
                  // TRAP THE PAGE ONMOUSEDOWN EVENT HANDLER
                  document.onmousedown = disable_right_click;

                  // SET THE FOCOUS ONTO THIS PAGE
                  self.focus ();

                  // TRAP THE PAGE ONKEYDOWN EVENT HANDLERS
                  document.onkeydown = check_mousekey;
                  }

            // SEQUENCE FOR NETSCAPE BROWSERS
            else if ( browser == "Net" )
                  {
                  // TRAP THE PAGE ONMOUSEDOWN EVENT HANDLER
                  document.onmousedown = disable_right_click;
                  document.captureEvents ( Event.MOUSEDOWN );
                  }
      }


      function trap_images_mouse_events ()
      {
            // GET THE BROWSER TYPE
            var browser = navigator.appName.substring ( 0, 3 );

            // SEQUENCE FOR MICROSOFT BROWSERS
            if ( browser == "Mic" )
                  {
                  // RELEASE THE PAGE ONMOUSEDOWN EVENT HANDLER
                  document.onmousedown = null;

                  // SET THE FOCOUS ONTO THIS PAGE
                  self.focus ();

                  // RELEASE THE PAGE ONKEYDOWN EVENT HANDLERS
                  document.onkeydown = null;

                  // TRAP THE IMAGES ONMOUSEDOWN EVENT HANDLERS
                  if ( document.images )
                        {
                        for ( var pic=0; pic<document.images.length; pic++ )
                              document.images[pic].onmousedown = disable_right_click;
                        }
                  }

            // SEQUENCE FOR NETSCAPE BROWSERS
            else if ( browser == "Net" )
                  {
                  // RELEASE THE PAGE ONMOUSEDOWN EVENT HANDLER
                  document.onmousedown = null;
                  document.releaseEvents ( Event.MOUSEDOWN );

                  // TRAP THE IMAGES ONMOUSEDOWN EVENT HANDLERS
                  if ( document.images )
                        {
                        for ( var pic=0; pic<document.images.length; pic++ )
                              document.images[pic].onmousedown = disable_right_click;
                        }

                  // TRAP THE LINKS ONMOUSEDOWN EVENT HANDLERS
                  if ( document.links )
                        {
                        for ( var link=0; link<document.links.length; link++ )
                              document.links[link].onmousedown = disable_right_click;
                        }
                  }
      }


      function release_all_mouse_events ()
      {
            // GET THE BROWSER TYPE
            var browser = navigator.appName.substring ( 0, 3 );

            // SEQUENCE FOR MICROSOFT BROWSERS
            if ( browser == "Mic" )
                  {
                  // RELEASE THE PAGE ONMOUSEDOWN EVENT HANDLER
                  document.onmousedown = null;

                  // SET THE FOCOUS ONTO THIS PAGE
                  self.focus ();

                  // RELEASE THE PAGE ONKEYDOWN EVENT HANDLERS
                  document.onkeydown = null;

                  // RELEASE THE IMAGES ONMOUSEDOWN EVENT HANDLERS
                  if ( document.images )
                        {
                        for ( var pic=0; pic<document.images.length; pic++ )
                              document.images[pic].onmousedown = null;
                        }
                  }

            // SEQUENCE FOR NETSCAPE BROWSERS
            else if ( browser == "Net" )
                  {
                  // RELEASE THE PAGE ONMOUSEDOWN EVENT HANDLER
                  document.onmousedown = null;
                  document.releaseEvents ( Event.MOUSEDOWN );

                  // RELEASE THE IMAGES ONMOUSEDOWN EVENT HANDLERS
                  if ( document.images )
                        {
                        for ( var pic=0; pic<document.images.length; pic++ )
                              document.images[pic].onmousedown = null;
                        }

                  // RELEASE THE LINKS ONMOUSEDOWN EVENT HANDLERS
                  if ( document.links )
                        {
                        for ( var link=0; link<document.links.length; link++ )
                              document.links[link].onmousedown = null;
                        }
                  }
      }

all the above u can just copy on ur page


the key is this:

to disable right click on images:
paste this at the end after the last function
trap_images_mouse_events
to disable right click on all page:
window.onload = trap_page_mouse_events;

0
 
LVL 16

Expert Comment

by:OliWarner
Comment Utility
Guys that wont work...
All the user have to do is: File >> Save Page As...
And they have all the pictures....

My best idea for you is to split the pictures up into tiles and reassemble them in HTML...
0
 
LVL 1

Expert Comment

by:manuel2004
Comment Utility
your right oliwarner but as pulupul said there are certain things u can do to protect ur self againts unexperience users and the javascript code is one of them
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
>>  Guys that wont work...

As has been said nothing will work 100%, there is many methods of working around any attempts at protection.
0
 
LVL 16

Expert Comment

by:OliWarner
Comment Utility
But something as simple as JS is bypassed by something just as simple... I daresay it would take less time to bypass the JS than implement it...

At least if you're splitting up the pictures the person is going to have to reassemble is manually... something nobody will be bothered with if they cant do it automatically...

Another option could be having a java applet load up all the pictures, have an instance of it for every picture and pass it a different parameter, but you should make the parameter secret somehow, so instead of passing /images/picture.jpg, pass picture.jpg and have images hard-coded into the applet...

You could do exactly the same thing with flash.

Short of taking a screen shot, these are your most secure options...
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
The only positive side with using a simple JavaScript to prevent it is that most "average web users" will not be aware of the many ways to work around the disabled right click (or other equally pointless method) so in the case of those it might be enough to put them off bothering.

They will be far less aware of what is and what is not possible so if they are confronted with an alert that reads "right click disabled" for example they will take it as it is and assume that the right click IS disabled and there is nothing the can do about it.

A java applet or an embedded flash object will prevent the majority of the common work around being an issue but as has been said there is still print screen and various other methods.

The bottom line is "if you don't want people to download your pages contents don't put them online"
0
 

Author Comment

by:Borath
Comment Utility
How does the tile suggestion mentioned above work?
0
 
LVL 1

Expert Comment

by:manuel2004
Comment Utility
what suggestion are u refereing to???
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
here is the huuuge topic for that...

http://www.experts-exchange.com/Web/Q_21108481.html
0
 
LVL 16

Expert Comment

by:OliWarner
Comment Utility
the tile method i mentioned means you breaking each picture you dont want downloaded into, say, 9 tiles (a 3*3 grid) which you remake in a table on your page...

If people want to download it they have to download all 9 tiles and reassemble each picture out of its tiles...
A real effort...
0
 
LVL 49

Expert Comment

by:Roonaan
Comment Utility
It would be much easier to watermark you're pictures to have you're website url printed all over the pix. You'd then just offer some pay-to-get-original-option.

-r-
0
 
LVL 3

Expert Comment

by:BenReynolds
Comment Utility
Ronaan's last post makes the best sense. You watermark the pics, you insert copyright info into the pic's info, and -- most important -- the quality of the pic you provide on the web is inferior to the one you want to sell. And you say so. That's what most of the photography sites do.

I note that you haven't said WHY you want to prevent the pics from being copied.
0
 

Author Comment

by:Borath
Comment Utility
Hi David, Great link you provided with.

I was reading through it and was interested in the part where it clears up your clipboard so that it prevents taking screenshots with the print screen button...

How do you do this?

I've been using your code with the main.asp, cencel.asp, loader.asp, default.asp
0
 
LVL 16

Expert Comment

by:OliWarner
Comment Utility
<SCRIPT LANGUAGE="JavaScript">

function ClipBoard()
{
holdtext.innerText = copytext.innerText;
Copied = holdtext.createTextRange();
Copied.execCommand("Copy");
}

</SCRIPT>


Just call that from an element repeatedly on the page...
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
these are the methods which control clipboard data...

window.clipboardData.getData('Text');    
window.clipboardData.clearData('Text');    
window.clipboardData.clearData('HTML');    
window.clipboardData.setData('Text', mytext);



0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
if you liked my version of "almost hidding" the source... here's the update. I'm not sure, but I think only sniffers can get the source....


default.asp
--------------
<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
%>


<html>
<head>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">


<script language="Javascript">
function load_(){
   window.frames[0].location="main.asp"

}
</script>
</head>
<%
session("frames")="OK"
%>

<frameset rows="100%,0,0" frameborder="0" onload="load_()">
   <frame src="about:blank" name="content">
   <frame src="about:blank" name="loader" scrolling="no">
   <frame src="about:blank" name="helper" scrolling="no">
</frameset>


</html>




main.asp
--------------
<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
%>


<html>
<head>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">

<script language="Javascript">

function add_(html){
   document.body.innerHTML=html;
   top.helper.location="cencel.asp";
}
function load(){
    document.onselectstart=function(){return false}
    top.loader.location="loader.asp";
    setTimeout('shake2(10)',2000);
}
var i,j;
function shake2(n){
  for(i=10;i>0;i--) {
      for(j=n;j>0;j--){
            window.parent.moveTo(0,i);
          window.parent.moveTo(i,0);
          window.parent.moveTo(0,-i);
          window.parent.moveTo(-i,0);
      }
  }
}
</script>
</head>

<body onload="load()" onmousedown="shake2(2)" style="background-color:#000000;color:#555555" oncontextmenu="return false">

</body>

</html>




loader.asp
----------------
<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"

if InStr(Request.ServerVariables("HTTP_USER_AGENT"),"IE")=0 and InStr(Request.ServerVariables("HTTP_USER_AGENT"),"Opera")=0 and InStr(Request.ServerVariables("HTTP_USER_AGENT"),"Gecko")=0 and InStr(Request.ServerVariables("HTTP_USER_AGENT"),"Netscape")=0 and InStr(Request.ServerVariables("HTTP_USER_AGENT"),"Konqueror")=0 then
response.end
end if

response.write("<html><head><META HTTP-EQUIV=PRAGMA CONTENT=NO-CACHE><noscript><meta HTTP-EQUIV=refresh CONTENT=0;url=cencel.asp></noscript></head><body style=overflow:hidden>")

response.write(Request.ServerVariables("HTTP_USER_AGENT"))
set oBrowser = Server.CreateObject("MSWC.BrowserType")
%>

<%
if session("frames")="OK" then

if InStr(Request.ServerVariables("HTTP_USER_AGENT"),"IE")<>0 then
  if oBrowser.JavaScript=True then

response.write("<script language=Javascript>if(window.frames.length==0)self.location=" & "'" & "about:blank" & "'" & ";")

response.write("var html=" & "'" & "<br><br<br><br><center><table><tr><td align=center valign=middle><img src=eyes.gif></td></tr></table>\n" & "'" & ";")
response.write("html+=" & "'" & "<br><br><h1 style=font-family:impact>" & "WARNING!<div></div><br><br>HTML SOURCE CODE IS PROTECTED!<br>Anyway, you are welcome to break it...&nbsp;<br><br><font size=6>Good Luck!</font></h4></center>\n" & "';")
response.write("try{top.content.add_(html);self.location=" & "'" & "about:blank" & "'" & ";}catch(e){}</script>")
  end if
else
response.write("<script language=Javascript>if(window.frames.length==0)self.location=" & "'" & "about:blank" & "'" & ";")
'response.write("<script language=Javascript>")
response.write("var html=" & "'" & "<br><br<br><br><center><table><tr><td align=center valign=middle><img src=eyes.gif></td></tr></table>\n" & "'" & ";")
response.write("html+=" & "'" & "<br><br><h1 style=font-family:impact>" & "WARNING!<div></div><br><br>HTML SOURCE CODE IS PROTECTED!<br>Anyway, you are welcome to break it...&nbsp;<br><br><font size=6>Good Luck!</font></h4></center>\n" & "';")
response.write("try{top.content.add_(html);self.location=" & "'" & "about:blank" & "'" & ";}catch(e){}</script>")
end if
session("frames")=null
else


response.write("<h2>The page source is protected, you cannot see it!</h2")



end if

response.write("</body></html>")
%>




cencel.asp
---------------
<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"



response.write("<html>")
response.write("<head>")
response.write("<META HTTP-EQUIV=PRAGMA CONTENT=NO-CACHE>")

response.write("</head>")
response.write("<body>")

session("frames")=null


response.write("</body>")
response.write("</html>")
%>
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
OliWarner's comment about clipboeard control will be the best because you don't have to worry about browser campatibility, what you do is, by copying a new data to the clipboard will erase previous...  :)
0
 
LVL 16

Expert Comment

by:OliWarner
Comment Utility
there would have to be another javascript timer setting the clipboard as something every second or something like that...

And remember this would only stop people doing crtl+print screens
people can still use other screen capturing software...

If your stuff is this important, you really shouldnt let people look at the best quality versions unless they register/pay for them...
0
 
LVL 27

Expert Comment

by:Diablo84
Comment Utility
>> If your stuff is this important, you really shouldnt let people look at the best quality versions unless they register/pay for them...

I think that is one of the most valid comments in this thread. If the content is that important add a simple authentication system to your site so only registered users can view your pictures for example.

Even if you can prevent everything else there is always the temp internet files and >file - >save page as, in my opinion its rather futile. Also with regards to clearing the clipboard, if the user has just copied something to the clipboard prior to accessing your site i doubt they will be too impressed with having it cleared from the memory.
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
Diablo84, you are right, but approach was diferent... :)
BTW, what I did you cannot use (not with images, only HTML) >  "Even if you can prevent everything else there is always the temp internet files and >file - >save page as, in my opinion its rather futile....."    
only browser sniffers can get to it
0
 

Author Comment

by:Borath
Comment Utility
I don't have anything important so I don't need any authentication.
The people looking at it won't be tech-savy so they won't know about the temp files and all that.

David,

Thanks for posting your updated code. That'll be the one I'll be using, it's very good.

I'm not sure if you added the code for clearing the clipboard in your updated code above?

0
 
LVL 16

Expert Comment

by:OliWarner
Comment Utility
But hiding the source doesnt help you out.... it wont hide the images...
People could still right click the image and save it...
0
 
LVL 49

Expert Comment

by:Roonaan
Comment Utility
As to the temp folders thing. Doesn't adding some caching headers prevent the file from being cached and stored in temp?

-r-
0
 

Author Comment

by:Borath
Comment Utility
Dave,

Can you show me where to insert the code to clear the clipboard above?

Main.asp
Cencel.asp
default.asp
loader.asp

Would it be in your main.asp?
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
change default.asp


<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
%>


<html>
<head>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">


<script language="Javascript">
var tmr;
function load_(){
   window.frames[0].location="main.asp"
   tmr=setInterval('ClipBoard()',2000)

}
function ClipBoard(){
   window.clipboardData.clearData()
}

</script>
</head>
<%
session("frames")="OK"
%>

<frameset rows="100%,0,0" frameborder="0" onload="load_()">
   <frame src="about:blank" name="content">
   <frame src="about:blank" name="loader" scrolling="no">
   <frame src="about:blank" name="helper" scrolling="no">
</frameset>


</html>
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
since window.clipboard... is only for IE

function load_(){
   window.frames[0].location="main.asp";

   if(navigator.appVersion.indexOf('IE')!=-1)
         tmr=setInterval('ClipBoard()',2000)

}
0
 

Author Comment

by:Borath
Comment Utility
Are you saying replace:

--------------
}
function ClipBoard(){
   window.clipboardData.clearData()
}
--------------

With this:

----------------------------------------------
function load_(){
   window.frames[0].location="main.asp";

   if(navigator.appVersion.indexOf('IE')!=-1)
         tmr=setInterval('ClipBoard()',2000)

}
---------------------------------

So that the final default.asp will be:



<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
%>


<html>
<head>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">


<script language="Javascript">
var tmr;
function load_(){
   window.frames[0].location="main.asp"
   tmr=setInterval('ClipBoard()',2000)


function load_(){
   window.frames[0].location="main.asp";

   if(navigator.appVersion.indexOf('IE')!=-1)
         tmr=setInterval('ClipBoard()',2000)

}


</script>
</head>
<%
session("frames")="OK"
%>

<frameset rows="100%,0,0" frameborder="0" onload="load_()">
   <frame src="about:blank" name="content">
   <frame src="about:blank" name="loader" scrolling="no">
   <frame src="about:blank" name="helper" scrolling="no">
</frameset>


</html>

Sorry, was a little confused...Thanks.
0
 
LVL 13

Accepted Solution

by:
davidlars99 earned 100 total points
Comment Utility
no, default.asp should look like this


<%
Response.Expires = 0
Response.Expiresabsolute = Now() - 1
Response.AddHeader "pragma","no-cache"
Response.AddHeader "cache-control","private"
Response.CacheControl = "no-cache"
%>


<html>
<head>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">


<script language="Javascript">
var tmr;
function load_(){
   window.frames[0].location="main.asp";

   if(navigator.appVersion.indexOf('IE')!=-1)
         tmr=setInterval('ClipBoard()',2000)

}
function ClipBoard(){
   window.clipboardData.clearData()
}

</script>
</head>
<%
session("frames")="OK"
%>

<frameset rows="100%,0,0" frameborder="0" onload="load_()">
   <frame src="about:blank" name="content">
   <frame src="about:blank" name="loader" scrolling="no">
   <frame src="about:blank" name="helper" scrolling="no">
</frameset>


</html>
0
 

Author Comment

by:Borath
Comment Utility
Thanks,

I realized what you meant after I posted. It works great now.

I'm going to give you the points for such a great code!

Thanks!
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
thanks Borath for considering this as a good work, I'm truly glad you liked it, because some expert (one of the page editors, called it a "Lame Attempt of Hidding Source" and accused me in stealing the idea from someone) really hated the idea...  :) :)
0
 
LVL 16

Expert Comment

by:OliWarner
Comment Utility
Truth be told, regardless to the originality of the code, it doesnt solve the problem at all...
People can still save picture as easy as before... they just cant see the page's source...

Thus it doesnt answer the question...
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
yes it can if you put this in "main.asp"

<noscript><meta HTTP-EQUIV=refresh CONTENT=0;url=noscript.asp></noscript>

and in "noscript.asp" tell them to come back with Javascript enabled browser, then from "loader.asp" costruct the image via Javascript as you suggested OliWarner, these way they won't be able to find out what the names of image pieces are.
Only sniffers can get the original source and thus you reduce the chances of saving pics.  :)
0
 
LVL 13

Expert Comment

by:davidlars99
Comment Utility
:) this will make you sleep better at least :)
0
 

Author Comment

by:Borath
Comment Utility
DavidLars99,

Quick questionf or you. I saved your source code on a free server and it worked. I was inactive on that server for a while so it deleted my stuff.

Now I'm trying to remember how this code works. Could you refresh my memory on where I actually put my pics? Is it the default, main or loader file?

Thanks.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Any business that wants to seriously grow needs to keep the needs and desires of an international audience of their websites in mind. Making a website friendly to international users isn’t prohibitively expensive and can provide an incredible return…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
This tutorial walks through the best practices in adding a local business to Google Maps including how to properly search for duplicates, marker placement, and inputing business details. Login to your Google Account, then search for "Google Mapmaker…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now