java programming

Posted on 2006-04-11
Last Modified: 2010-04-17
1.How to disable save as option of any browser in JavaScript ?
2.How to disable source option of any browser in JavaScript?
Question by:krisdev
    LVL 14

    Accepted Solution

    1. This is *impossible*.
    2. This is *impossible*.


    The browser cannot render a web page unless it is already locally saved in the some temp. folder. This means that if you can view a page in a web browser, then you already have it!

    The best you can do is hide the menu bar and disable the context menu using some JavaScript code, but users can still go to the cache folder and view/edit/copy the web page.


      Nayer Naguib
    LVL 6

    Assisted Solution

    LVL 14

    Expert Comment

    Moreover, if you use the JavaScript code that disables the right-click context menu, users can choose not to run JavaScript code, which disables this feature. There are also other tricks, such as pressing F10 while viewing a page with Internet Explorer to enable the context menu.

    Hiding the menu bar is also not so effective. Copying and pasting the contents of the Address bar into a new window is one workaround.


      Nayer Naguib
    LVL 10

    Assisted Solution

    Source Padding
    Really, the oldest trick in the book. It involves adding a ton of white space before the start of your code so that the view source menu appears blank. However, must all people will notice the scroll bars and will scroll around to find your code. As pointless and silly as this method is, there are some still who use it.

    No Right Click Scripts
    These scripts stop users from right-clicking, where the "View Source" function is located.


        * Notoriously hard to get working across browsers and to actually work properly.
        * The right-click menu, or context menu, includes many helpful tools for users, including navigation buttons and the "Bookmark Page" button. Most users don't take kindly to having their browser functionality disabled and are inclined not to revisit such pages.
        * The View Source function is also available through the top Menu. At the main menu bar at the top of your browser, select View, and then in the sub-menu, you'll see "View Source" or something similar. Also, there are keyboard shortcuts like Ctrl+U that can be used to view source. All this method does is add about a two second delay to someone trying to view your source and it does irritate users who aren't trying to view your source.

    "JavaScript Encryption"
    This is by far the most popular way to try to hide one's source code. It involves taking your code, using a custom made function to "encrypt" it somehow, and then putting it in an HTML file along with a function that will decrypt it for the browser. A User is able to view the source, however, it isn't understandable.


        * Your website is only usable for users with JavaScript enabled. This rules out search engines, users who've chosen to disable JavaScript, and users using a textual browser (such as the blind) that doesn't have JavaScript capabilities. Remember, JavaScript is a luxury, not a necessity on the web.
        * You have to include a means of decrypting the page so the browser can display it. Someone who understands JavaScript can easily decrypt the page.
        * Many browsers provide alternative ways around this. Some, like Netscape 7.0, allow you to save the page, decrypted for easy viewing later. Others, like FireFox, include tools like the DOM Inspector, which allows you to easily view and copy the XML of the page, decrypted.

    HTML Protection Software
    There are some less than honest people who want to sell your software to quickly and conveniently "protect" your source code. This type of software generally employs the above methods, in varying ways, to hide your source code. Many people think that if they are buying it, it must work. It doesn't. As we've seen, the above methods are all easily circumvented, and all this software does is implement these horribly flawed methods for you and take your money. Don't fall for them, I've yet to see a single one that's worked, and they never will.

    Isn't there Any Hope?
    The bottom line is that browsers need to see the unencrypted, plain text source code to create a webpage. For that reason, it's impossible to hide your HTML source code. If the browser can read it, which it needs to be able to do to render a webpage, then so can a user. That's the bottom line.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Suggested Solutions

    This is an explanation of a simple data model to help parse a JSON feed
    Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
    In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
    In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now