473,569 Members | 2,763 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Can Jscript source code be visible in a browser?

WRH
Hello
I am new to asp but I made some Jscript functions which work
fine. The functions contain some strings used as a registration
key for some apps. It is important that these strings not be
visible to a client using a browser. My question is...can a
knowledgeable browser user view Jscript source code in an asp file?
Nov 19 '05 #1
9 3322
JScript is in general very visible on the client.

If you need to protect your source, you will need to use a server side
technology such as ASP.NET.

-Andrew
"WRH" <no*****@videot ron.ca> wrote in message
news:e0******** ********@TK2MSF TNGP10.phx.gbl. ..
Hello
I am new to asp but I made some Jscript functions which work
fine. The functions contain some strings used as a registration
key for some apps. It is important that these strings not be
visible to a client using a browser. My question is...can a
knowledgeable browser user view Jscript source code in an asp file?

Nov 19 '05 #2
Client-side JScript is, like all client-side scripting,
very visible on the client, since it has to be downloaded
to the client before the client can use it.

OTOH, server-side JScript stays hidden from clients,
like all server-side scripting does.

Juan T. Llibre, ASP.NET MVP
ASP.NET FAQ : http://asp.net.do/faq/
ASPNETFAQ.COM : http://www.aspnetfaq.com/
Foros de ASP.NET en Español : http://asp.net.do/foros/
=============== =============== ========
"WRH" <no*****@videot ron.ca> wrote in message
news:e0******** ********@TK2MSF TNGP10.phx.gbl. ..
Hello
I am new to asp but I made some Jscript functions which work
fine. The functions contain some strings used as a registration
key for some apps. It is important that these strings not be
visible to a client using a browser. My question is...can a
knowledgeable browser user view Jscript source code in an asp file?

Nov 19 '05 #3
You could at least obfuscate javascript.
http://www.javascript-source.com/

You could also use Script Encoder from Microsoft.
http://www.microsoft.com/downloads/d...displaylang=en

I tried to use it once, but it wasn't working so well for me...

Nov 19 '05 #4
phtt!!

Both of your suggestions are comparable to leaving your house unlocked, and
taping a note on the front door saying that the door is locked.
You could also use Script Encoder from Microsoft.
I tried to use it once, but it wasn't working so well for me...
This one really cracks me up. I know I'm certainly compelled to give it a
try.

Bob Lehmann
<hi*****@gmail. com> wrote in message
news:11******** **************@ g49g2000cwa.goo glegroups.com.. . You could at least obfuscate javascript.
http://www.javascript-source.com/

You could also use Script Encoder from Microsoft.
http://www.microsoft.com/downloads/d...displaylang=en
I tried to use it once, but it wasn't working so well for me...

Nov 19 '05 #5
WRH
Thanks to all who responded.
I gather that server side side Jscript is ok.

To clarify my first post... the asp file resides on a win2003 server.
(Please excuse my ignorance...doe s this mean I do have
server side script?)

When I access it with a browser on another PC, I do
not see the script source. Even though I don't see it,
I was concerned that perhaps there were ways for
a client to get at it.

"WRH" <no*****@videot ron.ca> wrote in message
news:e0******** ********@TK2MSF TNGP10.phx.gbl. ..
Hello
I am new to asp but I made some Jscript functions which work
fine. The functions contain some strings used as a registration
key for some apps. It is important that these strings not be
visible to a client using a browser. My question is...can a
knowledgeable browser user view Jscript source code in an asp file?

Nov 19 '05 #6
Hi, Bob.
Excuse me for not coming up with a way to hide JavaScript on the client
side.
Both of your suggestions are comparable to leaving your house unlocked,
and taping a note on the front door saying that the door is locked.


Your analogy against my suggestion doesn't seem to be correct. Web
developers are not telling end users that JavaScripts sources are
available, and if you had done web application development at all, you
would know what I suggested is not far from the answer. Moreover, if
you take a look at the JavaScript source of relatively big web sites
like MSN or Amazon, their JavaScripts are obfuscated. That's at least
what we can do as web developers to hide JavaScript. Like Andrew
suggested in this thread, if you don't want to expose your code, you'd
have to do it on the server side. I only suggested the two possible
ways to hide JavaScript in addition to what others suggested here.

Putting that aside, if I may, I could suggest two more ways to possibly
hide important logic from the client side.

1. Use SSL. Although SSL encrypts the HTTP traffic, at least IE doesn't
seem to cache files like Whatever.js. I haven't tried it with other
browsers.

2. Call server-side code to using XMLHTTP.

I guess there isn't really a perfect solution for hiding JavaScript.
The ideal solution would be to entirely encrypt JavaScript, but then,
browsers would have to support such technology. It doesn't seem to
exist today.

Nov 19 '05 #7
> When I access it with a browser on another PC, I do
not see the script source. Even though I don't see it,
I was concerned that perhaps there were ways for
a client to get at it.


OK, so you were concerned about your server side code being exposed.
You don't have to worry about it because the server side ASP .NET code
gets executed, and aspnet worker process generates HTML, and sends it
out to the client through IIS. Your server side code will not be
exposed to the client side. Hope this helps.

Nov 19 '05 #8
WRH
Thnnks so much. One further thought...if it runs on a server
that supports ASP but not ASP .NET is the server side
source still hidden?
(I hope I'm making sense here...I have no experience with
ASP let alone ASP .NET)

<hi*****@gmail. com> wrote in message
news:11******** **************@ g14g2000cwa.goo glegroups.com.. .
When I access it with a browser on another PC, I do
not see the script source. Even though I don't see it,
I was concerned that perhaps there were ways for
a client to get at it.


OK, so you were concerned about your server side code being exposed.
You don't have to worry about it because the server side ASP .NET code
gets executed, and aspnet worker process generates HTML, and sends it
out to the client through IIS. Your server side code will not be
exposed to the client side. Hope this helps.

Nov 19 '05 #9
> if you had done web application development at all, you
would know what I suggested is not far from the answer. Moreover, if
you take a look at the JavaScript source of relatively big web sites
like MSN or Amazon, their JavaScripts are obfuscated. That's at least
what we can do as web developers to hide JavaScript.
I can't help but step in here. I've done *lots* of web development.

The fact that *you* can't read the JavaScript on the MSN or Amazon web sites
doesn't mean it's obfuscated. But just to be sure, let's have a look at the
Amazon.com home page:

<script language="Javas cript1.1" type="text/javascript">
<!--
function amz_js_PopWin(u rl,name,options ){
var ContextWindow = window.open(url ,name,options);
ContextWindow.o pener = this;
ContextWindow.f ocus();
}
function amz_js_RefreshO riginalWindow(u rl) {
if ((window.opener == null) || (window.opener. closed))
{
var OriginalWindow = window.open(url );
OriginalWindow. opener = this;
}
else{
window.opener.l ocation=url;
}
}
//-->
<script language="JavaS cript1.2" type="text/javascript"
src="http://g-images.amazon.c om/images/G/01/nav2/prod/n2BootstrapLibs/n2BootstrapLibs-azbTbs-42329.js"</script> <script language="javas cript1.2">
//n2RunIfLoaded(' simplePopover', function() {
n2RunThisWhen(' onload', function () {
goGoldboxPop = new N2SimplePopover ();
goN2Events.regi sterFeature('go ldboxPop', 'goGoldboxPop',
'n2MouseOverHot spot', 'n2MouseOutHots pot');
goGoldboxPop.in itialize('goldb oxPopDiv', 'goGoldboxPop') ;
}, 'init popover' );
</script>
<script language="javas cript" type="text/javascript">//<![CDATA[
function submitSearch(fo rm) {
var value = form.q.value;
if (value) {
if (value == "robots.txt " || value == "favicon.ic o") {
value = '"' + value + '"';
}
if (typeof(encodeU RIComponent) != "undefined" ) {
value = encodeURICompon ent(value);
} else {
value = escape(value);
}
location.href = "http://a9.amazon.com/?dns=www&src=am z&qs=" + value;
}
return false;
}
//]]</script>
<script language="javas cript" type="text/javascript">//<![CDATA[
n2RunThisWhen(n 2sRTWTBS,
function() {
SimplePop = new N2SimplePopover ();
// register you popup feature with the events framework
goN2Events.regi sterFeature('fi ndGift', // the feature ID used in the NAME=
'SimplePop', // the object that will act upon the event
'n2MouseOverHot spot', // an events helper function for MouseOver event
'n2MouseOutHots pot'); // an events helper function for MouseOut event
SimplePop.initi alize('SimplePo pDiv', // the name for your popup DIV. any
unique name will do
'SimplePop', // the object you made up above
gaTD, // the data array (not used here)
null
);
},
'init popover' );
//]]</script>
<script language="JavaS cript" type="text/JavaScript">
if (Math.random() < 0.5 ) {
if (Math.random() < 0.5 ) {
document.write( '<img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_1.gif"
width="380" vspace="0" usemap="#map1" alt="Holiday Gift Central" hspace="0"
align="center" height="84" border="0" /><table cellpadding="0"
cellspacing="0" border="0"><tr> <td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/gift-guides/ref=cm_gift_tcg _gg_lp_box"><im g
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2a_hea ding2.gif"
width="190" vspace="0" alt="Gift Guides" hspace="0" align="center"
height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/gift-guides/rc/R3AQAT3935LLJE/ref=cm_gift_tcg _gg_mag_esq"><i mg
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2b_esq uire.gif"
width="190" vspace="0" alt="Gift ideas from Esquire magazine" hspace="0"
align="center" height="74" border="0"
/></a></td></tr></table></td><td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/organizer/ref=cm_gift_tcg _organizer_box_ top"><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_go_3a_top .gif"
width="190" vspace="0" alt="Gift Central Gift Organizer" hspace="0"
align="center" height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/organizer/ref=cm_gift_tcg _organizer_box_ bot"><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_go_3b_btm .gif"
width="190" vspace="0" alt="Gift Central Gift Organizer" hspace="0"
align="center" height="74" border="0"
/></a></td></tr></table></td></tr></table></td></tr></table></div>');
} else {
document.write( '<img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_1.gif"
width="380" vspace="0" usemap="#map1" alt="Holiday Gift Central" hspace="0"
align="center" height="84" border="0" /><table cellpadding="0"
cellspacing="0" border="0"><tr> <td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/gift-guides/ref=cm_gift_tcg _gg_lp_box"><im g
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2a_hea ding2.gif"
width="190" vspace="0" alt="Gift Guides" hspace="0" align="center"
height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/gift-guides/rc/R896RIJU0Q7UW/ref=cm_gift_tcg _gg_mag_bon"><i mg
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2b_bon appetit.gif"
width="190" vspace="0" alt="Gift ideas from Bon Appetit magazine" hspace="0"
align="center" height="74" border="0"
/></a></td></tr></table></td><td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/organizer/ref=cm_gift_tcg _organizer_box_ top"><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_go_3a_top .gif"
width="190" vspace="0" alt="Gift Central Gift Organizer" hspace="0"
align="center" height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/organizer/ref=cm_gift_tcg _organizer_box_ bot"><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_go_3b_btm .gif"
width="190" vspace="0" alt="Gift Central Gift Organizer" hspace="0"
align="center" height="74" border="0"
/></a></td></tr></table></td></tr></table></td></tr></table></div>');
}
} else {
if (Math.random() < 0.5 ) {
document.write( '<img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_1.gif"
width="380" vspace="0" usemap="#map1" alt="Holiday Gift Central" hspace="0"
align="center" height="84" border="0" /><table cellpadding="0"
cellspacing="0" border="0"><tr> <td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/gift-guides/ref=cm_gift_tcg _gg_lp_box"><im g
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2a_hea ding2.gif"
width="190" vspace="0" alt="Gift Guides" hspace="0" align="center"
height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/gift-guides/rc/R3AQAT3935LLJE/ref=cm_gift_tcg _gg_mag_esq"><i mg
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2b_esq uire.gif"
width="190" vspace="0" alt="Gift ideas from Esquire magazine" hspace="0"
align="center" height="74" border="0"
/></a></td></tr></table></td><td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/today/ref=cm_gift_tcg _today_box_top" ><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_tg_3a_top .gif"
width="190" vspace="0" alt="Today.s Gift" hspace="0" align="center"
height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/today/ref=cm_gift_tcg _today_box_bot" ><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_tg_3b_btm .gif"
width="190" vspace="0" alt="Today.s Gift" hspace="0" align="center"
height="74" border="0"
/></a></td></tr></table></td></tr></table></td></tr></table></div>');
} else {
document.write( '<img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_1.gif"
width="380" vspace="0" usemap="#map1" alt="Holiday Gift Central" hspace="0"
align="center" height="84" border="0" /><table cellpadding="0"
cellspacing="0" border="0"><tr> <td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/gift-guides/ref=cm_gift_tcg _gg_lp_box"><im g
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2a_hea ding2.gif"
width="190" vspace="0" alt="Gift Guides" hspace="0" align="center"
height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/gift-guides/rc/R896RIJU0Q7UW/ref=cm_gift_tcg _gg_mag_bon"><i mg
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_gg_2b_bon appetit.gif"
width="190" vspace="0" alt="Gift ideas from Bon Appetit magazine" hspace="0"
align="center" height="74" border="0"
/></a></td></tr></table></td><td><table cellpadding="0" cellspacing="0"
border="0"><tr> <td><a
href="/gp/gift-central/today/ref=cm_gift_tcg _today_box_top" ><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_tg_3a_top .gif"
width="190" vspace="0" alt="Today.s Gift" hspace="0" align="center"
height="82" border="0" /></a></td></tr><tr><td><a
href="/gp/gift-central/today/ref=cm_gift_tcg _today_box_bot" ><img
src="http://g-images.amazon.c om/images/G/01/gifts/giftcentral/gateway/gc_gw_tg_3b_btm .gif"
width="190" vspace="0" alt="Today.s Gift" hspace="0" align="center"
height="74" border="0"
/></a></td></tr></table></td></tr></table></td></tr></table></div>');
}
}
</script>
<script language="JavaS cript1.1" type="text/javascript">
<!--
var agt=navigator.u serAgent.toLowe rCase();
var is_major = parseInt(naviga tor.appVersion) ;
var is_nav = ((agt.indexOf(' mozilla')!=-1) && (agt.indexOf('s poofer')==-1)
&& (agt.indexOf('c ompatible') == -1) && (agt.indexOf('o pera')==-1)
&& (agt.indexOf('w ebtv')==-1) && (agt.indexOf('h otjava')==-1));
var is_gecko = (agt.indexOf('g ecko') != -1);
var is_ie = ((agt.indexOf(" msie") != -1) && (agt.indexOf("o pera") == -1));
var is_aol = (agt.indexOf("a ol") != -1);
var is_opera = (agt.indexOf("o pera") != -1);
var is_win = ( (agt.indexOf("w in")!=-1) || (agt.indexOf("1 6bit")!=-1) );
//-->
</script>
<script language="JavaS cript1.1" type="text/javascript">
<!--
var OpenedWin;
function openWin (URL, width, height) {
OpenedWin = window.open(URL , "demo_windo w",
"width="+width+ ",height="+heig ht+",status=no, menubar=no,loca tion=no,toolbar =no,directories =no,scrollbars= no");
if (! is_aol) {
var NewX = (screen.availWi dth/2)-(width/2);
var NewY = (screen.availHe ight/2)-(height/2);
OpenedWin.moveT o(NewX, NewY);
NewX = null;
NewY = null;
}
}
function launch (URL, width, height) {
if (!URL || !width || !height) {
alert("Error");
} else if (width>screen.a vailWidth || height>screen.a vailHeight) {
var message;
message = "Your screen resolution is too low to display the demo.\nClick
'OK' if you wish to continue anyway.\n";
message += '\n Your screen resolution: '+screen.width+ ' x '+screen.height ;
message += ' | Viewable: '+screen.availW idth+' x '+screen.availH eight;
message += '\n Required: '+width+' x '+height;
if (confirm(messag e)) {
message = "If you can not find the close buttons, use your keyboard:\n";
message += 'Windows: ALT+F4\n';
message += 'Macintosh: COMMAND+W';
alert(message);
openWin(URL, width, height);
}
} else {
openWin(URL, width, height);
}
}
function displayLink(tex t){
if ( is_major >= 4 && is_win && ( is_nav || is_ie || is_opera ||
is_gecko ) ) {
document.write( text);
};
}
//-->
</script>
<script language="JavaS cript1.1" type="text/javascript">
<!--
//-->
</script>
<script language="JavaS cript1.1" type="text/javascript">
<!--
//-->
</script>
<script language="Javas cript1.1" type="text/javascript">
<!--
top.focus();
//-->
</script>

That's it. Not much obfuscation there....

Oh, yeah. There *is* that external JavaScript. Darned if I opened up my
Temporary Internet Files folder and couldn't find it. Pretty darned clever
of them!

So, I just typed the URL into my browser, and was prompted to run or save
the script file. I saved it, opened it in NotePad, and here it is:

//! ############### ############### ############### ############### ####
//! This file contains both original and merged/adapted code .
//! Except where indicated, all code is
//! Copyright (c) 2004 Amazon.com, Inc., and its Affiliates.
//! All Rights Reserved.
//! Not to be reused without permission
//! $Change$
//! $Revision$
//! $DateTime$
var gbN2LibMonMigra ted = true;
var N2Loaded = false;
var n2LMStart = new Date();
var gaN2CSSLibs = new Array();
var gaN2JSLibs = new Array();
var oTheDoc = document;
var oTheBody = oTheDoc.body;
var oTheHead = document.getEle mentsByTagName( 'head').item(0) ;
var n2sRTW1='onload ';
var n2sRTWTBS='simp lepopoverloaded ';
function N2Initializer () {
this.aHandlers = new Array();
this.aEventsRun = new Array();
this.bCoreLoade d = false;
}
new N2Initializer ();
N2Initializer.p rototype.runThi sWhen = function (sWhen, fFn, sComment) {
if ( (typeof fFn != 'function') || fFn == null) return false;
sWhen = sWhen.toLowerCa se();
if ( (sWhen =='inbody' && document.body) || this.aEventsRun[sWhen] ){
fFn();
} else {
this.aHandlers[this.aHandlers. length] = { sWhen: sWhen, fFn: fFn, sComment:
sComment };
}
return true
}
N2Initializer.p rototype.initia lizeThis = N2Initializer.p rototype.runThi sWhen
N2Initializer.p rototype.loadTh isWhen = function (sWhen, sURL, sID,
sComment) {
sWhen = sWhen.toLowerCa se();
goN2LibMon.moni torLoad (sID);
if ( sWhen =='now' ) {
n2LoadScript(sU RL, true, sID);
} else {
this.aHandlers[this.aHandlers. length] = { sWhen: sWhen, sURL: sURL, sID:
sID, sComment: sComment };
}
return true
}
N2Initializer.p rototype.run = function (sWhen) {
sWhen = (typeof sWhen == 'undefined') ? null : sWhen;
sWhen = sWhen.toLowerCa se();
this.aEventsRun[sWhen] = true;
if (sWhen == 'coreloaded') { this.bCoreLoade d=true; }
if (window.goN2Deb ug) goN2Debug.info( "N2Initiali zer called with " + (sWhen ?
"'"+sWhen+" '" : "null"));
var aH = this.aHandlers;
var len = aH.length;
for (var i=0;i<len;i++) {
var oTmp = aH[i];
if ((oTmp.bCalled != true) &&
(oTmp.fFn || oTmp.sURL) &&
( (sWhen == null) || (oTmp.sWhen && (oTmp.sWhen == sWhen)))
) {
if ((oTmp.sWhen == 'coreloaded') && !this.bCoreLoad ed) continue;
if (window.goN2Deb ug) ;
if (oTmp.fFn) {
oTmp.fFn();
} else if (oTmp.sURL) {
n2LoadScript(oT mp.sURL, true, oTmp.sID);
}
oTmp.bCalled = true;
}
}
}
goN2Initializer = new N2Initializer() ;
function n2RunThisWhen (sWhen, fFn, sComment) {
goN2Initializer .runThisWhen(sW hen, fFn, sComment);
}
function n2LoadThisWhen (sWhen, sURL, sID, sComment) {
goN2Initializer .loadThisWhen(s When, sURL, sID, sComment);
}
function n2RunIfLoaded (sLibID, fFn, sComment) {
n2RunThisWhen(s LibID+'loaded', fFn, 'sequenced init of '+ sComment);
}
function n2LoadScript (sURL, bLocalCacheOK, sLibID) {
if (sLibID) { goN2LibMon.requ estLoad (sLibID); }
var e = oTheDoc.createE lement("script" );
e.type="text/javascript";
if (bLocalCacheOK) {
e.src = sURL;
} else {
e.src = sURL + (sURL.indexOf(' ?') == -1 ? '?' : '&') + 'lt='+ new
Date().getTime( );
}
oTheHead.append Child(e);
}
function N2LibraryMonito r() {
this.aLibs = {};
this.bJSLoaded= false;
this.bCSSLoaded =false;
this.sNotLoaded ='A desirable part of the page did not load. Please refresh
the page to try again. \n';
this.nTimer=nul l;
this.nTimeoutMs = 10000;
}
new N2LibraryMonito r();
N2LibraryMonito rProto = N2LibraryMonito r.prototype;
N2LibraryMonito r.prototype.mon itorLoad = function (sLibID) {
this.aLibs[sLibID] = { sID: sLibID, nDuration: -1 };
}
N2LibraryMonito r.prototype.req uestLoad = function (sLibID, sFeatureID) {
var oTmp = this.aLibs[sLibID];
if (oTmp) { oTmp.nDuration= -2; }
this.resetTimer ();
}
N2LibraryMonito r.prototype.beg inLoad = function (sLibID, sFeatureID) {
var oTmp = this.aLibs[sLibID];
if (oTmp) {
oTmp.sFeature = sFeatureID;
oTmp.nBegin = new Date().getTime( );
oTmp.nDuration= -3;
}
};
N2LibraryMonito r.prototype.end Load = function (sLibID, nStatus) {
var oTmp = this.aLibs[sLibID];
if (oTmp) { oTmp.nDuration = new Date().getTime( ) - oTmp.nBegin;
oTmp.bLoaded=tr ue;}
var bALL;
if (bALL=this.allL ibsLoaded()) {
this.clearTimer ();
} else {
this.resetTimer ();
}
goN2Initializer .run(sLibID+'lo aded');
if (bALL) {
goN2Initializer .run('lastlibra ryloaded');
}
}
N2LibraryMonito rProto.clearTim er=function() {
if (this.nTimer) {
clearTimeout(th is.nTimer);
this.nTimer = null;
}
}
N2LibraryMonito rProto.resetTim er=function() {
if (this.nTimer) {
clearTimeout(th is.nTimer); }
this.nTimer = setTimeout(n2Li braryLoadTimeou t, this.nTimeoutMs );
}
function n2LibraryLoadTi meout() {
goN2Initializer .run('librarylo adfailed');
}
N2LibraryMonito r.prototype.all LibsLoaded = function () {
var bAllLoaded=true ;
for (var key in this.aLibs) {
if (this.aLibs[key] && this.aLibs[key].nDuration <0) { bAllLoaded=fals e; }
}
this.bJSLoaded = bAllLoaded;
return bAllLoaded;
}
N2LibraryMonito r.prototype.con firmJSLoaded = function() { return
this.bJSLoaded; }
N2LibraryMonito r.prototype.con firmCSSLoaded = function() {
this.bCSSLoaded =true; }
N2LibraryMonito r.prototype.isJ SLoaded = function() { return
this.bJSLoaded; }
N2LibraryMonito r.prototype.isC SSLoaded = function() { return
this.bCSSLoaded ; }
N2LibraryMonito r.prototype.sta tus = function() {
if (this.bJSLoaded ) return "OK!";
else return this.sNotLoaded ;
}
N2LibraryMonito r.prototype.sta ts = function() { return "N/A"; };
goN2LibMon = new N2LibraryMonito r();
var n2LLStop = new Date();
var n2LMStop = new Date();
function N2ConfigBase() {
this.getValue = function(id,d) {
if(typeof this[id] != 'undefined') { return this.id; }
else { return d; } } }
var goN2ConfigBase = new N2ConfigBase();
document.write( '<link
href="http://g-images.amazon.c om/images/G/01/nav2/prod/n2CoreCSS/n2CoreCSS-n2v1-4580.css"
type="text/css" rel="stylesheet ">'+
'');
goN2LibMon.moni torLoad ("utilities" );
goN2LibMon.moni torLoad ("events");
goN2LibMon.moni torLoad ("simplePopover ");
document.write( '<script language="javas cript"
src="http://g-images.amazon.c om/images/G/01/nav2/prod/n2CoreLibs/n2CoreLibs-utilities-19637.js"
type="text/javascript"></script><\/script>'+
'<script language="javas cript"
src="http://g-images.amazon.c om/images/G/01/nav2/prod/n2CoreLibs/n2CoreLibs-events-63727.js"
type="text/javascript"></script><\/script>'+
'<script language="javas cript"
src="http://g-images.amazon.c om/images/G/01/nav2/prod/n2CoreLibs/n2CoreLibs-simplePopover-18851.js"
type="text/javascript"></script><\/script>'+
'');
var goCust = new Object();
goCust.isLogged In=function() { return false; }
var goN2Explorer;
var gaTD;
var goN2AC;
n2RunThisWhen (n2sRTWTBS,
function() {
oAllCatPopover = new N2SimplePopover ();
goN2Events.regi sterFeature('tw o-tabs', 'oAllCatPopover ',
'n2MouseOverHot spot', 'n2MouseOutHots pot');
goN2Events.setF eatureDelays('t wo-tabs',200, 400, 200);
oAllCatPopover. initialize('All CatPopoverDiv',
'oAllCatPopover ',null,null,'be low','c');
},
'All Categories popover');
n2RunThisWhen(n 2sRTW1,
function() {
if (!window.gaTD) gaTD = new Array();
N2Loaded = goN2LibMon.isJS Loaded();
}, "Last Init"
);

So much for obfuscation.
1. Use SSL. Although SSL encrypts the HTTP traffic, at least IE doesn't
seem to cache files like Whatever.js. I haven't tried it with other
browsers.
SSL will prevent anyone from intercepting and reading a packet on the
network, but it sure won't encrypt anything on the client.
2. Call server-side code to using XMLHTTP.
Nope.

Now, if *you* had done *much web* application development at all, you would
realize that the browser has to read this stuff. And the browser is on
*your* computer. Therefore, if the browser can read it, find it, get it, so
can you. All you have to do is what your browser does: Interpret HTML.

The ONLY answer is to use server-side application processing. Anything on
the client is fair game.

--
HTH,

Kevin Spencer
Microsoft MVP
..Net Developer
Complex things are made up of
Lots of simple things.

<hi*****@gmail. com> wrote in message
news:11******** **************@ g14g2000cwa.goo glegroups.com.. . Hi, Bob.
Excuse me for not coming up with a way to hide JavaScript on the client
side.
Both of your suggestions are comparable to leaving your house unlocked,
and taping a note on the front door saying that the door is locked.


Your analogy against my suggestion doesn't seem to be correct. Web
developers are not telling end users that JavaScripts sources are
available, and if you had done web application development at all, you
would know what I suggested is not far from the answer. Moreover, if
you take a look at the JavaScript source of relatively big web sites
like MSN or Amazon, their JavaScripts are obfuscated. That's at least
what we can do as web developers to hide JavaScript. Like Andrew
suggested in this thread, if you don't want to expose your code, you'd
have to do it on the server side. I only suggested the two possible
ways to hide JavaScript in addition to what others suggested here.

Putting that aside, if I may, I could suggest two more ways to possibly
hide important logic from the client side.

1. Use SSL. Although SSL encrypts the HTTP traffic, at least IE doesn't
seem to cache files like Whatever.js. I haven't tried it with other
browsers.

2. Call server-side code to using XMLHTTP.

I guess there isn't really a perfect solution for hiding JavaScript.
The ideal solution would be to entirely encrypt JavaScript, but then,
browsers would have to support such technology. It doesn't seem to
exist today.

Nov 19 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

7
8661
by: Christopher Brandsdal | last post by:
Hi! Im still working on some <%@ LANGUAGE=JScript %> code ;) What is the same command as VbCrLf in JScript? I just want my HTML to jump one line down... hehe I know I should know... ;)
14
2803
by: John Bentley | last post by:
Note this is crossposted to comp.lang.javacript and microsoft.public.dotnet.scripting. After some Googling and FAQing my understanding of these terms is, crudely: Javascript (3 different definitions): 1. The scripting language originally developed by Netscape. (I offer a Brief handle: "Original Netscape Script") 2. The current...
7
1543
by: joe | last post by:
I am having problems checking for the value of an XMLDOM object . Lets say my XMLDOM object was successfully created as objXMLDoc, and that has several nodes on it. In the case of a VBScript loop like below: '------------------- For x = 1 To 10 Set oItemPrice = objXMLDoc.selectSingleNode("//Item/Price")
1
14519
by: Oliver Hoehle | last post by:
Hello! This ist the source-code for an editable combobox implemented with HTML,CSS and Javascript. I have tested it with IE and Mozilla. But I don't know, if it will work in other browsers (Opera, Konqueror, etc.) So I need your feedback... Regards
5
5228
by: benc | last post by:
Hi Can some good soul help on this. I need to call jscript functions from C#. I have hosted a web control and displayed an html page successfully, but just can't find a way to call jscript functions or set some var in the html. There are some sample code in C++ using IDispatch but these are beyond me. Looked at Tim Anderson's work on...
6
1850
by: RFS666 | last post by:
Hello, After I posted yesterday "using C# class in jscript", I have a new problem: I have a C# class - DBResult - that contains (and other variables) a string array (and other variables), that contains data from a database query which is done in C# in codebehind. I create a jscript - script that is injected into the aspx-page. I need this...
2
4224
by: ste-m | last post by:
Hi there, I was wanting to calculate how long my web pages take to load, and to insert this time into my HTML source code (not visible from the browser, but only in source view) as a HTML comment. I've found a JavaScript that does this here: http://www.twohootssoftware.co.uk/code/loadtimejs.html <script language="javascript"...
1
756
by: andrewwan1980 | last post by:
How can VBScript code access JScript code variables in the same ASP page? <SCRIPT LANGAUGE="VBScript"> Dim a a = 10 </SCRIPT> <SCRIPT LANGUAGE="JScript"> Response.Write(a); </SCRIPT>
3
8637
by: suganya | last post by:
Hi Some professionals already has developed the project using menu. In my company, they have given me task to clear the error in that. It is a script file named as "menubarAPI4.js" which is kept inside the folder "menu_script". The following is the code in this file. var...
0
7619
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language...
0
7931
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...
0
8139
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
0
6290
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then...
0
5228
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3663
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3655
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
1230
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
0
954
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.