Re: Stopping someone From Steeling Your Scripts

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Thomas A. Rowe (tarowe_at_mvps.org)
Date: 02/24/04 

Date: Tue, 24 Feb 2004 18:08:04 -0500

_private still will not protect your JavaScript and may cause the user to be
prompted for your server login to view any page with the script linked to it
from the _private folder.

JavaScript is client-side, meaning that it is executed in the browser,
therefore it must be available to the browser when the browser requests a
page with a link to the script. External JavaScript (.js) files will be
downloaded to the user's machine.

Bottomline, you can not hide JavaScript code! 

-- 
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)
http://www.ycoln-resources.com
FrontPage Resources, WebCircle,
MS KB Quick Links, etc.
==============================================
To assist you in getting the best answers for FrontPage support see:
http://www.net-sites.com/sitebuilder/newsgroups.asp
" JCO" <J.Oliviero@verizon.net> wrote in message
news:LfQ_b.3036$Xv2.1070@nwrddc03.gnilink.net...
> That is a good idea.  I never knew what the _private was for.  I figure
> internal only.
> I will have to modify the scripts since the path will be different.
>
> "Steve Easton" <admin@95isalive.com> wrote in message
> news:%23BEUmbx%23DHA.3772@TK2MSFTNGP11.phx.gbl...
> > See if your script will still run if you place it inside the _private
> > folder.  The private folder is not accessible to the "outside world" but
> > *normally* is if used for something inside the web.  ( depending upon
> > permission settings )
> >
> >
> > Also, if your site is hosted on an Apache/UNIX server you can use
> .htaccess
> > and .htpasswd files for password protection.
> > These can not be accessed from outside when done correctly.  It takes a
> > little "learning" but once you do it it's simple.
> >
> > If need be and you can use them, I can create a set and e-mail them to
> you.
> > Also if your server has the web masters CPanel,
> > check the Access Menu for a feature called Web Protect.
> >
> > -- 
> > Steve Easton
> > MS MVP FrontPage
> > 95isalive
> > This site is best viewed..................
> > ..............................with a computer
> >
> > " JCO" <J.Oliviero@verizon.net> wrote in message
> > news:nxO_b.4041$921.1942@nwrddc02.gnilink.net...
> > > Thanks for both response.
> > > If a JavaScript that is put in a folder named My_Scripts contains a
> > > password, it seems that anyone can get those scripts and see the
content
> > (I
> > > think).  I did not put stuff in the html for this reason.  I did put a
> > > validation form in a script that contains a password.
> > >
> > > I know their are a thousand ways to do passwords.  My server is a free
> > host,
> > > therefore, server side help is out of the question.  I just thought
> folks
> > > can get the html but not the scripts.... is this true.
> > >
> > >
> > > "chris leeds" <chris@nedp.net> wrote in message
> > > news:eh1M3Rx%23DHA.1732@TK2MSFTNGP12.phx.gbl...
> > > > server side stuff is pretty secure since it gets processed before it
> > gets
> > > > sent to the browser.
> > > > HTH
> > > > what kind of scripts are you worrying about?
> > > >
> > > > " JCO" <J.Oliviero@verizon.net> wrote in message
> > > > news:PaO_b.2353$Xv2.624@nwrddc03.gnilink.net...
> > > > > I don't understand how you are suppose to stop someone from
steeling
> > > your
> > > > > scripts...once they are published.  What if you have scripts that
> you
> > > > don't
> > > > > want others to read.
> > > > >
> > > > > It seems that anyone can go to your server and get most of the
> > > > information.
> > > > >
> > > > >
> > > >
> > > >
> > >
> > >
> >
> >
>
>

Relevant Pages

  • Re: help getting value of cell and passing to PHP file
    ... locally run VBScript file using task scheduler on one of my servers. ... to click on any cell entry and have it send that value along with the server ... original script. ... think that might require some javascript as well though.. ...
    (comp.lang.javascript)
  • Re: ASP, Javascript Frontpage 2000
    ... The asp script you posted will work just fine - assuming your server ... like PHP to me) to grab the ip and javascript to display it. ...
    (microsoft.public.frontpage.client)
  • Re: How can I read html data of other site (with javascript or etc)?
    ... displayed contents of site X might be to use javascript to pass the ... current page's url to site Y and have the server app do an httpRequest ... I also wanted to prompt more discussion of easyXDM among the browser ... Assuming the bookmarklet loaded a script ...
    (comp.lang.javascript)
  • Re: Refreshing parts of a web site
    ... AJAX script that checks the server every X minute and change the ... I found and modified a JavaScript that updates a div tag. ... Half lies are worth twice as much as whole lies. ...
    (alt.html)
  • Re: History Replacement And New Location Combined
    ... will stop your script dead in its tracks. ... In his book "JavaScript - The Definitive Guide", ... clear the URL entry field in our form. ... Server Side Includes). ...
    (comp.lang.javascript)