Re: Stop View Source
On Thursday 06 Dec 2007, Russ wrote: Right, but are there decompilers that decompile Flash 8+ based swfs back to ActionScript? I've only seen one Flash 9 (AS2) decompiler, and it only got back to the ABC, not real actionscript. That was a few months ago though. -- Tom Chiverton Helping to synergistically streamline edge-of-your-seat CEOs on: http://thefalken.livejournal.com Please note, as of 10th December 2007 the registered office address of Halliwells LLP will be at 3 Hardman Square, Spinningfields, Manchester, M3 3EB This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com. ~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:294291 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Stop View Source
Can they really? I've had luck decompiling Flash 7 files, but nothing after Flash 8, although I haven't tried in a while. Are there decent flash decompilers out now that can decompile flex? Russ -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 11:45 AM To: CF-Talk Subject: RE: Stop View Source Well, I guess one way would be to re-write your site using Flex. Swf files are compiled... :) and they can be decompiled. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:294267 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
On Oct 19, 2007 9:41 AM, Brad Wood [EMAIL PROTECTED] wrote: If by source, you mean HTML and JavaScript the short answer is no. There are things you can do (JS encryption, disable right click, etc.) but ultimately none of those are CF-related. Since you cannot control the client (browser) there is no surefire way to stop anyone. Well, I guess one way would be to re-write your site using Flex. Swf files are compiled... :) ~Brad The source code is meant to be sexy. In that if you view the source it's all inline, indented and looks clean what would you want to hide? I see some people who still choose to use HTML comments in their layout design because it gives the reader a sense of where they are in the code which is difficult to understand in todays css / div world. View source is your friend, not enemy. If you want to hide origins of things, call them using cfsavecontent. ~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:294272 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source
Right, but are there decompilers that decompile Flash 8+ based swfs back to
ActionScript?
Russ
-Original Message-
From: Alan Rother [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 05, 2007 6:45 PM
To: CF-Talk
Subject: Re: Stop View Source
Flex is just a tool for generating swfs. The decompilers I've used can
decompile it back to actionscript, but not back to it's MXML. That
would be extremely difficult.
On Oct 19, 2007 10:49 AM, Russ [EMAIL PROTECTED] wrote:
Can they really? I've had luck decompiling Flash 7 files, but nothing
after Flash 8, although I haven't tried in a while. Are there decent
flash
decompilers out now that can decompile flex?
Russ
-Original Message-
From: Dave Watts [mailto:[EMAIL PROTECTED]
Sent: Friday, October 19, 2007 11:45 AM
To: CF-Talk
Subject: RE: Stop View Source
Well, I guess one way would be to re-write your site using
Flex. Swf files are compiled... :)
and they can be decompiled.
Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
Fig Leaf Software provides the highest caliber vendor-authorized
instruction at our training centers in Washington DC, Atlanta,
Chicago, Baltimore, Northern Virginia, or on-site at your location.
Visit http://training.figleaf.com/ for more information!
~|
Check out the new features and enhancements in the
latest product release - download the What's New PDF now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:294269
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
Flex is just a tool for generating swfs. The decompilers I've used can decompile it back to actionscript, but not back to it's MXML. That would be extremely difficult. On Oct 19, 2007 10:49 AM, Russ [EMAIL PROTECTED] wrote: Can they really? I've had luck decompiling Flash 7 files, but nothing after Flash 8, although I haven't tried in a while. Are there decent flash decompilers out now that can decompile flex? Russ -Original Message- From: Dave Watts [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 11:45 AM To: CF-Talk Subject: RE: Stop View Source Well, I guess one way would be to re-write your site using Flex. Swf files are compiled... :) and they can be decompiled. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:294268 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Stop View Source
Flex is just a tool for generating swfs. The decompilers I've used can decompile it back to actionscript, but not back to it's MXML. That would be extremely difficult. There is no back to MXML - that gets converted to Actionscript, which is then compiled to SWF bytecode. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:294283 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source 2
Correct. Can we let this drop now? I think the point has been driven into the ground: you can't stop people from inspecting anything that is rendered or processed in the browser. Let's move on, because somehow this thread just won't die even though the point was made in the first reply. On 10/19/07, Richard White [EMAIL PROTECTED] wrote: thanks again for your replies. so i am judging by your responses that no one really does anything to protect their code as it is pointless? if someone wants to get it they will! ~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finderproductID=1522loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291653 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Stop View Source
Ermm, how about taking a screen shot and sending the user a jpeg! Everybody's happy :OD -Original Message- From: Brian Kotek [mailto:[EMAIL PROTECTED] Sent: 19 October 2007 16:44 To: CF-Talk Subject: Re: Stop View Source Nothing, repeat, nothing, you do can stop someone from viewing the HTML source of a web page in the browser. The browser HAS to get the HTML in order to render it. And if the browser has it, the user can look at it. On 10/19/07, Richard White [EMAIL PROTECTED] wrote: Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks Richard ~| Get involved in the latest ColdFusion discussions, product development sharing, and articles on the Adobe Labs wiki. http://labs/adobe.com/wiki/index.php/ColdFusion_8 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291655 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source 2
Ok thanks to everyone for helping me understand this Richard ~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291656 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
Richard, here is everything you need to know about protecting client-side code and images: http://www.digitalmidget.com/help/noclick/index.php :-) -- [EMAIL PROTECTED] Janitor, The Robertson Team mysecretbase.com ~| Check out the new features and enhancements in the latest product release - download the What's New PDF now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291665 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source 2
Let's move on, because somehow this thread just won't die Right. It's time to start a new one. How about coldFusion dying? ;-) -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finderproductID=1522loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291671 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Stop View Source
If by source, you mean HTML and JavaScript the short answer is no. There are things you can do (JS encryption, disable right click, etc.) but ultimately none of those are CF-related. Since you cannot control the client (browser) there is no surefire way to stop anyone. Well, I guess one way would be to re-write your site using Flex. Swf files are compiled... :) ~Brad -Original Message- From: Richard White [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 10:16 AM To: CF-Talk Subject: Stop View Source Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291556 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
I remember reading something that said in ColdFusion we can stop people from viewing the page source code. This quote could be referring to our actual CF code. In that case, no one can read your CF code without direct access to your server. By the time it gets to the end user, it's pure HTML If thats what he meant. Otherwise I agree with everyone else, trying to protect your JS and HTML is a total waste of time. Keep in mind, you are literally sending these files to people who visit your website. When they go to it, your server intentionally sends them copies of your JS and HTML and it gets stored on the users computer. =] -- Alan Rother Adobe Certified Advanced ColdFusion MX 7 Developer Manager, Phoenix Cold Fusion User Group, AZCFUG.org ~| Check out the new features and enhancements in the latest product release - download the What's New PDF now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291593 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
I think that we have belted the point home that you cannot do what you want to. :) Maybe the next question would be why are you trying to do this, and maybe there is an alternative way to tackle the problem? On 10/19/07, Richard White [EMAIL PROTECTED] wrote: Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks Richard ~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291600 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source
You're not talking about the CFML code, are you? It IS possible to encrypt your ColdFusion code in the .cfm files, but I that can be decrypted as well back into Java by anyone with access to the web server. (I'm thinking that is technically illegal though to decrypt CFML). Just wanted to clarify what you meant by page source code ~Brad -Original Message- From: Richard White [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 10:16 AM To: CF-Talk Subject: Stop View Source Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks ~| Get involved in the latest ColdFusion discussions, product development sharing, and articles on the Adobe Labs wiki. http://labs/adobe.com/wiki/index.php/ColdFusion_8 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291587 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
not to mention that the script only disables right-clicking. doesn't
stop me from hitting 'View' - 'Page Source' on the menu. Or from
digging thru my cache and pulling up the page locally.
On 10/19/07, Raymond Camden [EMAIL PROTECTED] wrote:
Which works real well when I disable JS. ;)
On 10/19/07, Bruce Sorge [EMAIL PROTECTED] wrote:
Here is a little script that I use.
script language=JavaScript
!--
var message=;
function clickIE() {if (document.all) {(message);return false;}}
function clickNS(e) {if
(document.layers||(document.getElementById!document.all)) {
if (e.which==2||e.which==3) {(message);return false;}}}
if (document.layers)
{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
document.oncontextmenu=new Function(return false)
// --
/script
Richard White wrote:
Hi,
I remember reading something that said in ColdFusion we can stop people
from viewing the page source code.
I would appreciate any help as to whether this is this possible and how
we would go about doing it
Thanks
Richard
~|
Check out the new features and enhancements in the
latest product release - download the What's New PDF now
http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291588
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source
Can't you decompile the applet and figure out how to decrypt the js? Russ -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 3:31 PM To: CF-Talk Subject: Re: Stop View Source we will look into JS encryption I remember having developed an (almost) perfect way to hide Javascript code from a page. The idea was to encrypt it, send it encrypted as a string to a Java applet. This applet decrypted the script, and passed it to the browser for execution. It worked well with Netscape 4, IE 4, may be IE 5 also, but with more recent browsers, there is alwas a way to see the code after it has been decrypted. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291621 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
we will look into JS encryption I remember having developed an (almost) perfect way to hide Javascript code from a page. The idea was to encrypt it, send it encrypted as a string to a Java applet. This applet decrypted the script, and passed it to the browser for execution. It worked well with Netscape 4, IE 4, may be IE 5 also, but with more recent browsers, there is alwas a way to see the code after it has been decrypted. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291614 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
thanks again for your replies. so i am judging by your responses that no one really does anything to protect their code as it is pointless? if someone wants to get it they will! ~| Get the answers you are looking for on the ColdFusion Labs Forum direct from active programmers and developers. http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72catid=648 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291630 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
I'm pretty sure it's irrelevant. You can use Firebug to look at the JavaScript that the browser is executing after the applet decrypts it. Not to mention that plenty of people have security settings enabled that will run JavaScript but not applets. On 10/19/07, Russ [EMAIL PROTECTED] wrote: Can't you decompile the applet and figure out how to decrypt the js? Russ ~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291625 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source
Heh, anything that gets sent to the browser can be inspected in fiddler or even firebug. And, if your applet or decryption process can be run in the browser, someone can reverse engineer it to get at your code. All you will protect yourself from are casual users, anyone with some experience will be able to get at your code ;) Chris Peterson Gainey IT Adobe Certified Advanced Coldfusion Developer -Original Message- From: Claude Schneegans [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 3:31 PM To: CF-Talk Subject: Re: Stop View Source we will look into JS encryption I remember having developed an (almost) perfect way to hide Javascript code from a page. The idea was to encrypt it, send it encrypted as a string to a Java applet. This applet decrypted the script, and passed it to the browser for execution. It worked well with Netscape 4, IE 4, may be IE 5 also, but with more recent browsers, there is alwas a way to see the code after it has been decrypted. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Get the answers you are looking for on the ColdFusion Labs Forum direct from active programmers and developers. http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72catid=648 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291623 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
What was the name of that site/URL a few years back where you had to hack the page in order to get to the next page? That was a fun little demonstration of security by obscurity. Some of them were pretty tricky. wish I could remember the name On 10/19/07, Claude Schneegans [EMAIL PROTECTED] wrote: Just keep in mind, all you are doing is slowing someone down. If they are determined, they will get your source code. Exactly, and another way to look at it is that any hiding scheme will only prevent those who hardly see a difference between a PC and a toaster from getting the code. In other words, it will only stops those who will never even try to see the code. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Get the answers you are looking for on the ColdFusion Labs Forum direct from active programmers and developers. http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72catid=648 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291622 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
You can use Firebug to look at the JavaScript that the browser is executing after the applet decrypts it. Exact, but as I said, I developped this many years ago, by the times Netscape 4 was the master in the net, and there was no Firebug. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291632 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source 2
thanks again for your replies. so i am judging by your responses that no one really does anything to protect their code as it is pointless? if someone wants to get it they will! Yes, that is absolutely true for any client-side code. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291635 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
Just keep in mind, all you are doing is slowing someone down. If they are determined, they will get your source code. Exactly, and another way to look at it is that any hiding scheme will only prevent those who hardly see a difference between a PC and a toaster from getting the code. In other words, it will only stops those who will never even try to see the code. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291615 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source
Well actually I think the point about making your app in flex is a good idea. While there MAY be a way to decompile it at some point in the future, I don't think there is one now. Russ -Original Message- From: Crow T. Robot [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 1:49 PM To: CF-Talk Subject: Re: Stop View Source I think that we have belted the point home that you cannot do what you want to. :) Maybe the next question would be why are you trying to do this, and maybe there is an alternative way to tackle the problem? On 10/19/07, Richard White [EMAIL PROTECTED] wrote: Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks Richard ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291611 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
Again, nothing is perfect. There is always a way to view source. Claude Schneegans wrote: Here is a little script that I use. This is a masterpiece of naivety ;-) It will only disable right click, but not View Source from the tool bar. Nor it will disable right click if Javascript is disabled. ~| Create robust enterprise, web RIAs. Upgrade to ColdFusion 8 and integrate with Adobe Flex http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291605 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
In fact this is a perfect example. I'm in Gmail now and in the sidebar is an add for a site called HTML-Protector dot com (not linking to them to avoid giving them any Google ranking help). This site claims that it will totally protect your web site, including making it impossible to get any of the images, making it impossible to get a screenshot, and making it impossible to decipher the HTML. Total BS. In 1 minute I was able to: take a screenshot of the page grab an image look at the raw HTML (here's a sample) tr td style=padding-left: 40px; padding-right: 40px; class=text12 p align=justifyfont color=#33bu font style=font-size: 11pt;You absolutely CANNOT/font/ufont style=font-size: 11pt;:/font/bfont style=font-size: 11pt;br/ /font br/ /fontbimg width=12 height=12 border=0 align=absmiddle src=images/bullet.gif/ /b font color=#33View this page WITHOUT entering the test passwordbr/ br/ /fontbimg width=12 height=12 border=0 align=absmiddle src=images/bullet.gif/ /b font color=#33Make ANY sense out of the HTML -- just try clicking View Source!br/ br/ /fontbimg width=12 height=12 border=0 align=absmiddle src=images/bullet.gif/ /b font color=#33View this page OFFLINE, or anywhere other thanbr/ a href=http://www.html-protector.com/encrypt/sample.htm; www.html-protector.com/encrypt/sample.htm/abr/ br/ /fontbimg width=12 height=12 border=0 align=absmiddle src=images/bullet.gif/ /b font color=#33Right-click ANYWHERE on this page, nor highlight textbr/ br/ /fontbimg width=12 height=12 border=0 align=absmiddle src=images/bullet.gif/ font color=#33span style=font-weight: 400;PRINT/span/font/bfont color=#33 this page - or even take a screenshot! (Certain Mozilla-based browsers may override this)br/ br/ /fontbimg width=12 height=12 border=0 align=absmiddle src=images/bullet.gif/ /bRetrieve this page from your cache... It expires IMMEDIATELY!/pp align=justifyfont color=#33 In other words, they're completely lying. They made it harder to do than a non-obfuscated page, but it still only took about a minute to get around it. On 10/19/07, Brian Kotek [EMAIL PROTECTED] wrote: You're missing the point I think. You aren't going to be able to stop people from looking at the source code for anything that the browser renders or processes (and that includes JavaScript). The browser has to be able to run it, and if the browser can run it, the user can look at it. There is no way around this. On 10/19/07, Richard White [EMAIL PROTECTED] wrote: Hi thanks for all your replies. Ok so the html is not possible but was interested in the fact that JS could be encrypted as we have noticed that CF code does not show but the JS along with comments does. we will look into JS encryption thanks ~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291604 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
You're missing the point I think. You aren't going to be able to stop people from looking at the source code for anything that the browser renders or processes (and that includes JavaScript). The browser has to be able to run it, and if the browser can run it, the user can look at it. There is no way around this. On 10/19/07, Richard White [EMAIL PROTECTED] wrote: Hi thanks for all your replies. Ok so the html is not possible but was interested in the fact that JS could be encrypted as we have noticed that CF code does not show but the JS along with comments does. we will look into JS encryption thanks ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291599 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
Nothing is perfect. I can always find a way to view source when they appear to have all avenues blocked. Raymond Camden wrote: Which works real well when I disable JS. ;) ~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291603 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
Hi thanks for all your replies. Ok so the html is not possible but was interested in the fact that JS could be encrypted as we have noticed that CF code does not show but the JS along with comments does. we will look into JS encryption thanks ~| Enterprise web applications, build robust, secure scalable apps today - Try it now ColdFusion Today ColdFusion 8 beta - Build next generation apps Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291589 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
And you can decompile a .swf. If you don't want someone to get it, then don't make it available. It's a catch-22, no way around it. Steve Cutter Blades Adobe Certified Professional Advanced Macromedia ColdFusion MX 7 Developer _ http://blog.cutterscrossing.com Brad Wood wrote: If by source, you mean HTML and JavaScript the short answer is no. There are things you can do (JS encryption, disable right click, etc.) but ultimately none of those are CF-related. Since you cannot control the client (browser) there is no surefire way to stop anyone. Well, I guess one way would be to re-write your site using Flex. Swf files are compiled... :) ~Brad -Original Message- From: Richard White [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 10:16 AM To: CF-Talk Subject: Stop View Source Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks ~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finderproductID=1522loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291580 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
On 10/19/07, Richard White [EMAIL PROTECTED] wrote: I remember reading something that said in ColdFusion we can stop people from viewing the page source code. either you're remembering incorrectly or you were being lied to :) your CFML will be parsed out by the CF server and rendered into HTML... but as far as the markup that's sent from the server to the client... there's nothing that can be done. -- Charlie Griefer ...All the world shall be your enemy, Prince with a Thousand Enemies, and whenever they catch you, they will kill you. But first they must catch you, digger, listener, runner, prince with a swift warning. Be cunning and full of tricks and your people shall never be destroyed. ~| Get involved in the latest ColdFusion discussions, product development sharing, and articles on the Adobe Labs wiki. http://labs/adobe.com/wiki/index.php/ColdFusion_8 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291572 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
On Friday 19 Oct 2007, [EMAIL PROTECTED] wrote: Well, I guess one way would be to re-write your site using Flex. Swf files are compiled... :) I've seen a half finished decompiler. It gets back to the ABC (abstract byte code) but not yet the MXML. I suspect too much information may have been removed to do that, but it's not certain by a long shot. -- Tom Chiverton. Are you a great ColdFusion programmer, who knows Reactor and ColdSpring, and has done some Flex work ? Would you like to work for a top 30 law firm in Manchester, UK ? Are not an agency ? If yes, send email ! This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. ~| Get the answers you are looking for on the ColdFusion Labs Forum direct from active programmers and developers. http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72catid=648 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291568 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Stop View Source
Yep, I agree with Tom, if we're talking html then this is completely impossible. Rob -Original Message- From: Tom Chiverton [mailto:[EMAIL PROTECTED] Sent: 19 October 2007 15:57 To: CF-Talk Subject: Re: Stop View Source On Friday 19 Oct 2007, [EMAIL PROTECTED] wrote: can stop people from viewing the page source code. This is impossible (assuming you mean the HTML output). -- Tom Chiverton. Are you a great ColdFusion programmer, who knows Reactor and ColdSpring, and has done some Flex work ? Would you like to work for a top 30 law firm in Manchester, UK ? Are not an agency ? If yes, send email ! This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. ~| Get involved in the latest ColdFusion discussions, product development sharing, and articles on the Adobe Labs wiki. http://labs/adobe.com/wiki/index.php/ColdFusion_8 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291574 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source
Well, I guess one way would be to re-write your site using Flex. Swf files are compiled... :) and they can be decompiled. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291576 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
RE: Stop View Source
Do you mean the browser view source option, where the client-side code (HTML, JavaScript, CSS, etc.) can be seen? If so, then yes, there is one way and one way only to prevent the source from being seen - simply disconnect your web server from the Internet. Other than that, no. --- Ben -Original Message- From: Richard White [mailto:[EMAIL PROTECTED] Sent: Friday, October 19, 2007 11:16 AM To: CF-Talk Subject: Stop View Source Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks Richard ~| Check out the new features and enhancements in the latest product release - download the What's New PDF now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291571 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
Here is a little script that I use. This is a masterpiece of naivety ;-) It will only disable right click, but not View Source from the tool bar. Nor it will disable right click if Javascript is disabled. -- ___ REUSE CODE! Use custom tags; See http://www.contentbox.com/claude/customtags/tagstore.cfm (Please send any spam to this address: [EMAIL PROTECTED]) Thanks. ~| Get the answers you are looking for on the ColdFusion Labs Forum direct from active programmers and developers. http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72catid=648 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291577 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
On Friday 19 Oct 2007, [EMAIL PROTECTED] wrote: Here is a little script that I use. script language=JavaScript NoScript extension for FireFox. wget. Beginning to see my point ? -- Tom Chiverton. Are you a great ColdFusion programmer, who knows Reactor and ColdSpring, and has done some Flex work ? Would you like to work for a top 30 law firm in Manchester, UK ? Are not an agency ? If yes, send email ! This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. ~| ColdFusion 8 - Build next generation apps today, with easy PDF and Ajax features - download now http://download.macromedia.com/pub/labs/coldfusion/cf8_beta_whatsnew_052907.pdf Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291567 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
Re: Stop View Source
Nothing, repeat, nothing, you do can stop someone from viewing the HTML source of a web page in the browser. The browser HAS to get the HTML in order to render it. And if the browser has it, the user can look at it. On 10/19/07, Richard White [EMAIL PROTECTED] wrote: Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks Richard ~| Get the answers you are looking for on the ColdFusion Labs Forum direct from active programmers and developers. http://www.adobe.com/cfusion/webforums/forum/categories.cfm?forumid-72catid=648 Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291578 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
On Friday 19 Oct 2007, [EMAIL PROTECTED] wrote: can stop people from viewing the page source code. This is impossible (assuming you mean the HTML output). -- Tom Chiverton. Are you a great ColdFusion programmer, who knows Reactor and ColdSpring, and has done some Flex work ? Would you like to work for a top 30 law firm in Manchester, UK ? Are not an agency ? If yes, send email ! This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at St James's Court Brown Street Manchester M2 2JF. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 8008. For more information about Halliwells LLP visit www.halliwells.com. ~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finderproductID=1522loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291561 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
Here is a little script that I use.
script language=JavaScript
!--
var message=;
function clickIE() {if (document.all) {(message);return false;}}
function clickNS(e) {if
(document.layers||(document.getElementById!document.all)) {
if (e.which==2||e.which==3) {(message);return false;}}}
if (document.layers)
{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
document.oncontextmenu=new Function(return false)
// --
/script
Richard White wrote:
Hi,
I remember reading something that said in ColdFusion we can stop people from
viewing the page source code.
I would appreciate any help as to whether this is this possible and how we
would go about doing it
Thanks
Richard
~|
Enterprise web applications, build robust, secure
scalable apps today - Try it now ColdFusion Today
ColdFusion 8 beta - Build next generation apps
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291557
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
On 19/10/2007, Richard White [EMAIL PROTECTED] wrote: Hi thanks for all your replies. Ok so the html is not possible but was interested in the fact that JS could be encrypted as we have noticed that CF code does not show but the JS along with comments does. As a matter of interest, why do you want to protect your javascript? -- mac jordan www.webhorus.net www.nibblous.com www.photocena.com ~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291597 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
RE: Stop View Source
Just keep in mind, all you are doing is slowing someone down. If they are determined, they will get your source code. ~Brad we will look into JS encryption ~| Download the latest ColdFusion 8 utilities including Report Builder, plug-ins for Eclipse and Dreamweaver updates. http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291594 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
Which works real well when I disable JS. ;)
On 10/19/07, Bruce Sorge [EMAIL PROTECTED] wrote:
Here is a little script that I use.
script language=JavaScript
!--
var message=;
function clickIE() {if (document.all) {(message);return false;}}
function clickNS(e) {if
(document.layers||(document.getElementById!document.all)) {
if (e.which==2||e.which==3) {(message);return false;}}}
if (document.layers)
{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
document.oncontextmenu=new Function(return false)
// --
/script
Richard White wrote:
Hi,
I remember reading something that said in ColdFusion we can stop people
from viewing the page source code.
I would appreciate any help as to whether this is this possible and how we
would go about doing it
Thanks
Richard
~|
Download the latest ColdFusion 8 utilities including Report Builder,
plug-ins for Eclipse and Dreamweaver updates.
http;//www.adobe.com/cfusion/entitlement/index.cfm?e=labs%5adobecf8%5Fbeta
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291570
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Re: Stop View Source
You mean the source in the browser or the CF source? You can't stop people from viewing the generated HTML in the browser. CF won't show up there as the server strips it out - unless you break something. If you want to hide the CF code on the server itself, you can use the encode command like (encrypt command line maybe, I forget), but that encryption was cracked a long time ago. It will only keep honest people honest. On 10/19/07, Richard White [EMAIL PROTECTED] wrote: Hi, I remember reading something that said in ColdFusion we can stop people from viewing the page source code. I would appreciate any help as to whether this is this possible and how we would go about doing it Thanks Richard ~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finderproductID=1522loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:291559 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
