How to let the code hidden from the viewers in Web browsers

Dear Experts,

I just write one html code file as attached, and it run in IE broswer as simple html.file.

The question how I can avoid the code to be seen by other users except the code output ?
I have google it, someone say I need to switch the html code to asp and php code.
And I test the php and asp code before in W3C school webiste, but php and asp code is also easily seen by viewers in web.

Any suggestion for internet language to hidding the code  at least some part of it ?

If possible, could you provide a simple code for study or good wesite to start.

Please advise

Duncan
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css"> 
* {
font-size:15px;
font-family:Tahoma, Arial, 'Trebuchet MS', Verdana;
}
 
html,body {
background-color: #FFFFFFF ;
margin:1px;
padding:0;
height:100%;
 
}
 
</style>
<title >Testing Site</title>
 
 
<script type="text/javascript"> 
 
 
 
// e - event, el - element, fn- callback function
function checkEnter(e, el,fn) {
    var key=e.keyCode || e.which;
    if (key==13){
       fn();
el.value='';
return false;
    }
    return true;
}
 
function formSubmit() {
 
  var my_val = document.getElementById('text1').value;
var xmlhttp = false
if (window.XMLHttpRequest)
  {// code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
//alert("XMLHTTP Exists!");
  }
else
  {// code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  }
 
// check if value is empty
  if ( my_val.length > 0) { 
 
xmlhttp.open("GET", "http://www.exampledomain.com/"+ my_val +".html?Load",true);
xmlhttp.setRequestHeader("Cache-Control", "no-cache");
 xmlhttp.onreadystatechange=function() {
  if (xmlhttp.readyState==4) {
   if (xmlhttp.status==200) {//alert("URL Exists!");
parent.mainFrame.document.location.href="http://www.exampledomian.com/"+ my_val +".htm?Load"+new Date().getTime();
var box=document.getElementById("text1");
box.focus();
 
 
}
  
 
    else if (xmlhttp.status==404) alert("File  doesn't exist!")
     else alert("Status is "+xmlhttp.status)
  }
 }
 xmlhttp.send(null)
 
 
 
 
//document.write("This is my first JavaScript!");
 
 
}
}
function init()
{
  parent.mainFrame.document.location.replace( "http://www.exampledomian.com/data.html" );
var box=document.getElementById("text1");
box.focus();
}
 
</script>
</html>

Open in new window

LVL 13
duncanb7Asked:
Who is Participating?
 
Aaron TomoskySD-WAN SimplifiedCommented:
Php and asp eventually output HTML which can always be seen by a browser. What you can't see is the php or asp Source code that created the HTML. The only way to hide more is to use JavaScript but its never really totally hidden because for the browser to display it the user can read it. You could do all you pages as image maps but that's just silly
0
 
IanThCommented:
you will need to disable right click

see
http://www.hypergurl.com/norightclick.html

hope it helps

it wont stop absolute persistant blighters as there are ways around that but it will stop casual right clickers
0
 
Dave BaldwinFixer of ProblemsCommented:
Anything you use to put a page in my browser can be found and downloaded.  'Hiding' code does not increase your security at all.  Any method of hiding code just hides it from the people who mostly don't care.  The people who might care, from crooks to government agencies, have ways of seeing your code.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
duncanb7Author Commented:
how can I call javascript function so people could not read my code ?
I mean I put all of my code into javascript function and call it on

init is javascript script file stored in my domain

<body init():>

<body>

 IS it possible, I have seen a lot of website , we cound not see their code because
they call it in javascript function and in asp ?
0
 
Aaron TomoskySD-WAN SimplifiedCommented:
Yes, but you can just download the js file or watch it process in firebug.
You are asking how to print a book so people can read the words but not see the letters. You can't. This exact same question pops up every few weeks an we give the exact same answer every time.
0
 
Dave BaldwinFixer of ProblemsCommented:
ASP, ASP.NET and PHP are server side languages and you can't see that code.  However, they send HTML to the browser and that can be seen along with any javascript and CSS.  If the browser can't 'see' it, it can't be executed.

There are things you can do on the server and things that have to done in the browser.  Anything done in the browser can be seen.
0
 
duncanb7Author Commented:
aarontmosky,

Clarify it a little bit, you mean, even I stored the script code into other js file stored in my doma in site.
People could also download it, Is it right ? but I don't put it into my ftp directory, how they download.

And if using firebug add-on firefox, please could read all hidden javascritp code, is it right ?

in other words, if what you said correct,  the only way to hidden the code is converting all javascript code
into php or asp code so people could not read it , Is it right ?
0
 
Dave BaldwinFixer of ProblemsCommented:
Javascript has to be stored where it can be downloaded or else the browser can't download it and run it.  For the browser to run it, it has to be listed in the source code for the web page.  I can look at the source by clicking on "View Source" and get the location of the javascript file and then download it.
0
 
duncanb7Author Commented:
today i test it with firebug, debugger , all code could been seen even asp file

So in other words, if what you said correct,  the only way to hidden the code is converting all javascript code
into php so people could not read it , Is it right ?
0
 
Dave BaldwinFixer of ProblemsCommented:
Depends.  What are you trying to hide?  The HTML that the browser uses to display the page will always be visible.
0
 
AlexPaceCommented:
You can only hide server-side stuff.  Like the HTML, any javascript or executed by the client will also be visible.  If you dig around in the browser cache you can find it all.
0
 
Ray PaseurCommented:
we could not see their code because they call it in javascript function

Sorry, but computers don't work like that.  The only reason you could not see their "code" is because you did not know where to look.

Here is a brief breakdown of the client-server protocol that underlies the WWW.  For more information google the writings of Roy Fielding.

Clients, mostly personal computers, make requests.  Servers, mostly racks of Linux machines, make responses.  The internet connects these things together so people can use the WWW by acting as clients and making requests of servers.  Web browsers are computer programs running on the client computers.  They speak a language called HTML.  They also have a CSS interpreter, a JavaScript interpreter, plug-ins for Flash and other file types, etc.  The information you see on your computer screen is rendered visible by the browser.  Anything and everything that appears on your screen came through your browser, and if it came through your browser it can be stored, copied, decoded, read, modified, retransmitted, etc.  Trying to hide this information is a fools errand.  The whole purpose of browser output is to create information that can be displayed, stored, copied, decoded, read, modified, retransmitted, etc.!  Trying to hide or obscure this is like writing in a book with invisible ink.  It may be fun for you, but it's useless and contradictory to purpose.

The servers that prepare the information are a different thing.  Server-side languages like PHP and ASP and ColdFusion manipulate data that is on the server (not the client).  They create HTML, CSS and JavaScript that gets sent to clients in response to the client requests.  The client does not see or understand (and does not need to see or understand) the server side of the process.  This programming and data model can remain hidden from client view.  Example:  The code snippets contain (1) HTML and (2) PHP that creates HTML.  You will see the same results from both of these, and you will not be able to tell which method was used to create the browser output.
<h2>Hello World</h2>

Open in new window

<?php
error_reporting(E_ALL);
echo "<h2>Hello World</h2>";
die();

Open in new window


This is called the RESTful interface.  It is simple and elegant.  It exposes what is intended to be exposed and obscures what is best kept as a secret of the server.  There is a Wikipedia article on REST that you might find interesting.
http://en.wikipedia.org/wiki/Representational_State_Transfer

HTH, ~Ray
0
 
duncanb7Author Commented:
Th banks for all of you to reply this
email, more understanding
to code hidden
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.