Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: how protect external javascript

  1. #1
    Join Date
    Jul 2010
    Posts
    45
    Thanks
    6
    Thanked 4 Times in 2 Posts

    Question how protect external javascript

    hello,
    I have designed a web site. but I want to protect my external javascript(and css also) from outside people, who steal my javascript.

    can anyone tell me a method to hide external javascript(and css) from these knaves...!!!


    thank you

  2. #2
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    You can not.
    Corrections to my coding/thoughts welcome.

  3. #3
    Join Date
    Jul 2010
    Posts
    45
    Thanks
    6
    Thanked 4 Times in 2 Posts

    Default

    Oh! can not!

    can't we get some assistance, at least from sever-side languages ?

  4. #4
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    Server side serves the languages you referred to previously. Server side isn't exposed to the user because it is processed on the server.

    Javascript is client side and can processes actions by the user within the page. Server side languages need to be re-triggered to the server to have a new action. So more than likely what you are doing won't be able to be accomplished with server side alone.

    CSS is kind of a client side language, I guess, if those are the only 2 categories. It's for display purposes if you dont display it the user cant "steal" your style (design, layout, scheme, theme) but it won't display as intended. If you do display it then there has to be a link back to it so the browser knows where to get the data from.

    If you are thinking about php includes/requires those would require you to echo out the source to the browser as inline styles which a user could still copy easily.
    Corrections to my coding/thoughts welcome.

  5. #5
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    Anything that the user sees is downloaded to his/her computer. That is how they see it, never directly from the server. (There's the exception of streaming media, but in that case it still is working the same way, just that it is sent in very small bits at a time and not stored on the user's computer for any length of time.)

    While there is some room to try to protect images or other files, though it always is possible to get around this and in many cases it causes many more problems than it fixes, text files are completely different.

    Text files (javascript, html, css, ...) are sent to the visitor's computer in order to use them. Then they have these files.

    You either do or do not send them, but you cannot send them without sending them-- does that make sense?

    There's no command you can use to force the user to just briefly use the code while on your site and not be able to steal it.

    Of course there's always the protection of copyright, but there isn't any direct way to stop theft.

    Honestly, and don't take this as an insult, your site's CSS and JS cannot possibly be that special that you must protect them. They are just code and even if they are very special, there's really not a way to keep them safe except not releasing them at all.

    The only method that exists for Javascript is "encryption" which is not actually encryption but instead just transforming the code into a format that is difficult to read. But even here it is always possible to reverse the process (because in order to use the code, the visitor's computer must know how to "decrypt" it), so this is a lot of wasted time and results in effectively the same thing.


    The only successful protection you'll find is simply confusing less knowledgeable visitors. Some may be simply confused by external stylesheets. Others may find it harder to find dynamically included files (so you could try to use Javascript to include external css/js files).
    But in the end this will be a waste of time because the users who are stealing your code will probably already know all these tricks and how to get around them.

    Do what you'd like, but I'll say very clearly that if you attempt this you will in some way hurt the experience of your "nice" visitors, while likely not stopping the "bad" visitors from stealing.
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  6. #6
    Join Date
    Jul 2010
    Posts
    45
    Thanks
    6
    Thanked 4 Times in 2 Posts

    Default

    yaa! that's right. may it can't be hide external javascript from user.

    but can it be like this,

    • instead of hide javascript in the header part, we can hide the code in the body part using echo which is calling the javascript

    • then, when someone download the page to local computer, it will not work without that part which we hide using echo.


    can it be possible?

    I tried this several times but I couldn't. so I hope you all will help me.

    thank you.

  7. #7
    Join Date
    Jul 2010
    Posts
    45
    Thanks
    6
    Thanked 4 Times in 2 Posts

    Default

    as an example,

    instead of
    Code:
    <td width="53%"><div align="center">
            <script type="text/javascript">new inter_slide(slides)</script>
    </div></td>
    can use like this code(this is not working)
    Code:
    <td width="53%"><div align="center">
                      <?php echo "<script type="text/javascript">"."new inter_slide(slides)"."</script>" ?>
    </div></td>

  8. #8
    Join Date
    May 2007
    Location
    Boston,ma
    Posts
    2,127
    Thanks
    173
    Thanked 207 Times in 205 Posts

    Default

    Echo puts whatever is inside it in the page, so no it would save with the source exact same source. To try it out try this code.

    PHP Code:
    <?php echo '<script type="text/javascript">new inter_slide(slides)</script>';?>
    You can not do it.
    Corrections to my coding/thoughts welcome.

  9. #9
    Join Date
    Mar 2006
    Location
    Illinois, USA
    Posts
    12,164
    Thanks
    265
    Thanked 690 Times in 678 Posts

    Default

    PHP executes on the server. If the user saves a page, it will also save any code generated from PHP.

    No, it is still not possible.

    If you find a way to NOT send this to the user, then they will not be able to use the Javascript either. I said that before.

    This is like asking someone to read a story you wrote then trying to find a way to make sure they can't steal your idea-- either they read the story and remember it, or they do not read the story and they do not remember it. There's no way to change this. (Of course, like a person's memory, if something interferes, like a virus, that might stop it, but that's the only exception here and certainly not something I'd recommend or suggest is possible from a webpage.)
    Daniel - Freelance Web Design | <?php?> | <html>| espa˝ol | Deutsch | italiano | portuguŕs | catalÓ | un peu de franšais | some knowledge of several other languages: I can sometimes help translate here on DD | Linguistics Forum

  10. #10
    Join Date
    Mar 2005
    Location
    SE PA USA
    Posts
    29,131
    Thanks
    44
    Thanked 3,229 Times in 3,190 Posts
    Blog Entries
    12

    Default

    That's not your javascript anyway, right? It's my:

    http://www.dynamicdrive.com/dynamici...army/index.htm

    which is in the public domain.
    - John
    ________________________

    Show Additional Thanks: International Rescue Committee - Donate or: The Ocean Conservancy - Donate or: PayPal - Donate

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •