View Full Version : can i hide the javascript code from being view by the view source function

12-30-2003, 08:05 PM
i want to insert a javascript code in the jsp page, can the java script code being hide. while user right the browser for view source?

Philip M
12-30-2003, 08:13 PM
No. Non. Nee. Nein. Nyet.

Willy Duitt
12-30-2003, 08:17 PM
10 steps to hide your code

1. Use the <INVISIBLE> </INVISIBLE> tags around the entire document.
2. Use the DONTSTEAL attribute in the <BODY> tag.
3. Ftp to your server, select all files and directories, hit "Delete".
4. Put every existing copy of every file on floppies, place them in a shoebox and bury them in the backyard. There is another version of this method which involves placing the floppies in a plastic bag and hiding them in a different sort of hole. Both are equally effective.
5. Password protect your entire site and make sure no one has the password, not even you.
6. Employ a small but fanatically loyal and well-armed band of mercenaries to guard your site.
7. Start>Run>format C:\
8. Attack dogs, preferably rabid.
9. Use any version of Microsoft Frontpage to create your site. (This won't prevent people from viewing your source, but no one will want to steal it.)
10. Don't put your pages on the web.

Ok, that was a bit of fun. :D
Here's the real lowdown on hiding your source code:

It can't be done.
The only truly effective method in the list above is #10


Willy Duitt
12-30-2003, 08:27 PM
FWIW: Although this method is not foolproof. You can
bury a snippet of javascript within your source code which
forwards to you the document.URL of any page using the script
which is called from a domain that it was not intended for.

<script type="text/javascript">
if(!new RegExp('.*YOUR_DOMAIN\\.com.*').test(document.URL)){

This will not stop someone from taking your code.
But if successful, it will alert you to who took it.


12-31-2003, 01:30 AM

Philip M
12-31-2003, 08:45 AM
To try to be helpful, it IS possible to disguise your code so as
to frustrate/handicap some potential thieves.

An example:-


I do realise that Willi Duitt and Sykzyx will smash their way through in a few seconds, but many ordinary mortals will be puzzled. You can encode "language" and "javascript" as well if you wish.

If you give your .js file a strange name such as kseqrtpls.js then it is less obvious.

12-31-2003, 08:53 AM
Although if you do try to protect your source code with a method like that, it may only encourage thieves by making them more agrivated, and so provoking them.

Jeff Mott
12-31-2003, 03:24 PM
but many ordinary mortals will be puzzledOnly people familiar with JavaScript would care to see JavaScript code. Thus, the only people it would stop are those who don't care to get it.

Willy Duitt
12-31-2003, 04:50 PM
Heh Philip;

Actualy to improve the success rate of the alerting method I posted, I also employ the encryption method you posted in an attempt to mask the domain and form address. It is also helpful to encrypt several global variables within the encryption which if removed, would break the script.

I wholeheartedly agree with everyone that none of these methods will stop an experienced programmer, but I have found that experienced programmers will respect the work of others and generally only dissect your routines and learn from them.

It's the cut & pasters who tend to steal entire scripts (or pages for that matter) and then go out of their way to remove any credits which may be present. Whats worse, it's these same people who will slap numerous copywrite notices all over their site claiming their work is original and can not be reproduced.


Philip M
12-31-2003, 07:46 PM
My philosophy is that there are three classes of thief of both goods (such as cars, bicycles, computers) and intellectual property:-

a) Opportunistic Thief. Will steal if an easy opportunity presents itself (item to be stolen is left unguarded). Easily deterred by simple precautions such as locks, grilles, security cameras and so forth.

b) Determined Thief. Deliberately attempts to break through security precautions and systems - but is really an amateur and may or may not succeed. If he finds the task difficult or time consuming is likely to move on to an easier target, especially if the value of the items coveted is not obvious. This is the basis of most home security - encourage the burglars to move on to the next house!

c) Professional Thief. Can overcome pretty well all security precautions, pick locks, blow safes etc., but does not waste his time and skill on low value items. Only interested in really valuable stuff. Hence in the case of a professional programmer is unlikely to bother with other people's code (especially a noob's code!!), bearing in mind that he can write it himself - maybe better.

By the way, someone once explained to me the difference between an amateur and a professional. An amateur practices until he can get it right. A professional practices until he cannot get it wrong.

I should say that in this context I am only an amateur!

Happy 2004!