Hi folks,
I am having some issues using a program that protects my web pages (to a
degree) using JavaScript (to print screen/disable clipboard, caching text
selection etc). Below is the code for the page after it has been encrypted
on the local machine: - <!--hppage status="protected"-->
-
<!--Source code not available.-->
-
<html>
-
-
<head><meta http-equiv="Content-Type" content="text/html;
-
charset=windows-1252"><SCRIPT LANGUAGE="JavaScript"><!--
-
document.write(unescape("%3C%53%43%52%49%50%54%20%4C%41%4E%47%55%41%47%45%3D%22%4A%61%76%61%53%63%72%69%70%74%22%3E%3C%21%2D%2D%0D%0A%68%70%5F%6F%6B%3D%74%72%75%65%3B%66%75%6E%63%74%69%6F%6E%20%68%70%5F%64%30%32%28%73%29%7B%69%66%28%21%68%70%5F%6F%6B%29%72%65%74%75%72%6E%3B%76%61%72%20%6F%3D%22%22%2C%61%72%3D%6E%65%77%20%41%72%72%61%79%28%29%2C%6F%73%3D%22%22%2C%69%63%3D%30%2C%70%3D%30%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%7B%63%3D%73%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%3B%69%66%28%63%3C%31%32%38%29%63%3D%63%5E%28%28%70%2B%2B%25%38%29%2B%31%29%3B%6F%73%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%63%29%3B%69%66%28%6F%73%2E%6C%65%6E%67%74%68%3E%38%30%29%7B%61%72%5B%69%63%2B%2B%5D%3D%6F%73%3B%6F%73%3D%22%22%7D%7D%6F%3D%61%72%2E%6A%6F%69%6E%28%22%22%29%2B%6F%73%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%6F%29%7D%2F%2F%2D%2D%3E%3C%2F%53%43%52%49%50%54%3E"));//--></SCRIPT><SCRIPT
-
LANGUAGE="JavaScript"><!--
-
hp_d02(unescape("=Q@VLVS(MCMCPG@M%3C
-
IesgTksksp'8;),/csikuklj%25nwWel+e,}umuwqj%25`fdrg~bphd|hmm$mvXkl**%7Fwcs}sl#bdjtm|dvjfrngo%22ktZbb
-
d+xv`rrzo*f*qguodv-pdaIilg%229kskd'$f*qguodv-pdaIilg-w`guki*$Z-OIXTV%7FP@^SISGBxGSS%5CNL%7FW@JBKU+'#,':%250+~?csikuklj%25nwWlf+a,}jib?meso`iumq*pubz@efjq(nfeg{Kc.
-
E`a$-$;*9:ke,aid}lgmp+gkd(yjb-cqmov-fprsgo?>6yz/e`a%25%22-cqmov-gqtkCd{%7Fx`pbfu,ha|Ehld?>=4/.!zpfppti
-
gcow`/zudnpa~oa
-
d,tlleo5%3C1%7Fx-kfk'$+a+khlhdjawu:53~%7Fa+eszmIf},/.ssgwqwh'n`npaxck{d%22jb-c)%7Fik`l8;6!zujjaip&bcspptbMwgmpv.B~dlw*HIR[DOLR@/%3C%7Fhlgkr(hflmvw`kh~d?ktZbiu|%7Feqkesanl#luYj})g*%7Fl`/m/ukmfn:50+xslhcgv,qaicf{dGuakrt
-
Dtfjq(JGTQFIJPB!:ujjaip&nlnkpubentf9kskd|%7Fjb-hf~hebpjt)iqrMehc)aoff|J`//Hlwawhb|!G{tiiums%25*98+6t}*meso`iumq*pubz@efjq(nfeg{Kc.
-
ERKF#,':%250$%25`jeredlw*djk&mgmcqn&51+*%7Fl`/lnavi`hs&`no-~kfk%3Clbrlaf|np-qvcuIfgmp+oildzLb-!Jib%25*%258+63wgqwlii5qcqw`@kg`v+#5!,f`tjcdrhz/wpawG`mov-wpdt|s*meso`iumq*pubz@efjq(nfeg{Kc.
-
ERKF#,-2!-33->oa obg#
-
qmsqjkk83!zflgpkbfu,ljfii|dzwi`hr5ir%5Cgh{bdrgx`jeredlw*jhjgtqf`jqi5ir%5Cia=cgbwnakr)goif}aipf%3Cjs[hb%3Cuem`qhci|/mmw`jbkuqwewr:`q]gjxck{d%22jb-bhktofjq(kixgqw,}paofls+efxuwqa@pbfuq+Asci|/OLQVCCGVL%7FAsci|/ol`l`nmsq%7FAsci|/IF]AIPF}Guakr)ENWPAPV.3vkm`jq)goolqvccgvl>luYjl:ujjaip&nlha|bh%7Fo?ktZkc3vkm`jq)goolqvcrx%3Cjs[hszmmqf$l`/lnavi`hs&fgwAicjmovA}Lb!.
-
flgpkbfu,bhi/|lnavi`hs&nl`kkrbpuofjp;ox^an?aid}lgmp+iienwpaaipf%3Cjs[aczuhd+`jeredlw*PTK&rwawqtnff*3(1/:5#djh`$.sir%5Ckn;aimqf?roilnu-hjef|hmm9'gegtv9figic#%7Feqkesanl#luYidr**%7Froilnu-wqgs}r?!&>tb|tpm$qtrm|dvjfrngo%22ktZhk{m**%7FmvXfmq+->ub|Uknajss
-
#js[kjtd)+!(46.uhd+`jeredlw*ig~msq*`jeredlw*fgw|tpfAsci|r*Fr`hs&LMVW@IQMS~Fr`hs&LMVW@IR%5C(9gkfsjmov-kkkh}rglr`t:`q]mhv=cgbwnakr)goolqvch}uo>luYidr9ktZhk{m**?csikuklj%25nwWer2,,}ags*j95=n4em`qhci|/coh+jbffvk?l-,!zke,aid}lgmp+gkdZk^*vr~dd,umvoeamkw}$;%25`hfgak$.sem`qhci|/coh^oZ&rvzh`(qarkamiosq%3C
-
kmabbf#9gkfsjmov-eij%5Ca%5C,j`8$ox^kg&x{z3gwmgqohf!js[av5
-
(yekw.n519j8aid}lgmp+gkd/nfjbro3h)(-~oa
-
em`qhci|/coh^oZ&hf>9'nwWhf!-aid}lgmp+gkdZk^*vr~dd,umvoeamkw}8$%25u|9tmkbh%7F/mmf``hzdrqmkr:`q]gt4=paofls+iiigvfvutnfu?ktZbw::flgpkbfu,tvlrb
-
&>pp|jb(u{sa8$smyv,gvu%25(lggmd;%25xskmp'8;),/aka%7F|lhqshd%7F=fnlfy(+94.qw}ic9/(9eqkesanl#luYile**%7Fwcs}sl#bdjtm|flgpkbfu,ljatforvbvq;ox^lg`>oa
-
ocumbgsgs,btuHfed,jjac%7FGg*$Mkrbzogw$@~wdnpfv%22/&5,3%25%22-hf~hebpjt)}rgqEbci|/km``~Hn)%25NWLC
-
!%3C?.5yzcgbwnakr)imn-h`h`|i?>4,/ox^mh9cgk{d9jb-bhktofjq(fdm+gkfsjmov-swosm)%25?hlhl(sgo9vr~ddqka`r'|xrf9'rbpu-`wv$'`sge9'nwWowoh+et{#%3C$->oa
-
gpbi`u.shd+pjv)nscnav(kmoewl;6.sir%5Ckn;aimqf?qiw&mm`eqohf%3Cflgpkbfu,VVI{z'./.:9)TKSKSP;"));//--></SCRIPT><META
-
HTTP-EQUIV="Pragma" CONTENT="No-Cache"><META HTTP-EQUIV="Cache-Control"
-
CONTENT="No-Cache,Must-Revalidate,No-Store"><META HTTP-EQUIV="Expires"
-
CONTENT="0"><META HTTP-EQUIV="ImageToolbar" CONTENT="No"><META
-
NAME="MSSmartTagsPreventParsing" CONTENT="True">
-
<meta http-equiv="Content-Language" content="en-gb">
-
-
<title>New Page 1</title>
-
</head>
-
-
<body><NOSCRIPT>To display this page you need a browser with JavaScript
-
support. Please update your browser, or, visit your browser vendor or
-
java.com to obtain a JavaScript plug-in.</NOSCRIPT><SCRIPT
-
LANGUAGE="JavaScript"><!--
-
hp_d02(unescape("=Q@VLVS(MCMCPG@M%3C
-
IesgTksksp'8;),/csikuklj%25nwWea+-~nwWuc-gwcf|dVf|qTfffg+-+c%7FmbAlihgil)
-
@ku%7F%25!:qfpQojmnww,'nwWea+-'*481+~mc.iiwkdeqiu&`rsJdkb&hlga}Ia
-
&Kmp`timu%22F|ujhzdp$-8;*9}~+jdpno`vlv+stmsCdakr)aoff|J`//LQJA%22/&5,3%25%22aid}lgmp+gkd/nfjbro)%3C2*-~oa
-
em`qhci|/coh#
-
iiwkdeqiu&tqfvDabfu,jjac%7FGg*$Kucui&+>9(7.sem`qhci|/uqmqc//=fjr%25usqmg>&uitauklj?ge{nnvp`=kmgv9)4678qz8pjv=%250234u~%256=kmtpr'|xrf9'rbpucqad$'f`of9'nwWuc!$sgk}d?!$'&t|xnf9'pn{h`jhlr~2ikg``h%256=-gms8
-
!:js[ae/!|%7F,+(+94.Q@VLVS6"));//--></SCRIPT>
-
-
<p><img border="0" src="../../images/FBD%20Banner_cmp.jpg" width="768"
-
height="192"></p>
-
<p> </p>
-
<p>Can this text be selected too?</p>
-
-
</body>
-
-
</html>
Here is the code that I veiw when I access the page after it has been
uploaded to the server with FrontPage: - <!--hppage status="protected"-->
-
<!--Source code not available.--><html>
-
-
<head><meta http-equiv="Content-Type" content="text/html;
-
charset=windows-1252">
-
<script language="JavaScript">
-
<!--
-
-
function SymError()
-
{
-
return true;
-
}
-
-
window.onerror = SymError;
-
-
var SymRealWinOpen = window.open;
-
-
function SymWinOpen(url, name, attributes)
-
{
-
return (new Object());
-
}
-
-
window.open = SymWinOpen;
-
-
//-->
-
</script>
-
-
<!-- I had to cut this section of code because my post was too long, but it
-
is a repeat of the local code the sections above and below occur before and
-
after the code that was origianlly posted from the local machine -->
-
-
<script language="JavaScript">
-
<!--
-
var SymRealOnLoad;
-
var SymRealOnUnload;
-
-
function SymOnUnload()
-
{
-
window.open = SymWinOpen;
-
if(SymRealOnUnload != null)
-
SymRealOnUnload();
-
}
-
-
function SymOnLoad()
-
{
-
if(SymRealOnLoad != null)
-
SymRealOnLoad();
-
window.open = SymRealWinOpen;
-
SymRealOnUnload = window.onunload;
-
window.onunload = SymOnUnload;
-
}
-
-
SymRealOnLoad = window.onload;
-
window.onload = SymOnLoad;
-
-
//-->
-
</script>
As you can see, the begginings and endings of the server side code are
different to the code that was uploaded to the server from the local drive.
Anyone any ideas on why this should be the case, and what the extra code
should do?
OK, I can view my pages fine in Firefox and Netscape, also IE 6.0 (and have
had reports to the same effect), but a user using IE 7.1 has reported that
when he views my pages he gets a security warning, saying "Do you want to
allow this website to access your clipboard". I can't figureout why this is
happening, and would like someone kind intelligent and benevolent (lol) to
examine this code to see if there is a problem with it that would cause such
a security concern.
If you are interested in viewing the exact page you will find that at http://www.futurebydesign-music.com/htmlprot/test.html - the pages on the
rest of the site employ a similar code, and also trigger security alerts for
some reason in IE7.1, but they were not designed to access clipboards, but
to stop people from doing screen captures while on my site.
I have started a thread about this on one of the Microsof Newsgroups, and
have also contacted the makers of the program I am using but have received
no response from either source as yet. This is the URL for the thread on
the Microsof Newsgroup: http://www.microsoft.com/communities...6-1a1322ab028b
Help!!!
C.B. 9 4311
Cerebral Believer wrote:
function SymError()
{
return true;
}
window.onerror = SymError;
var SymRealWinOpen = window.open;
function SymWinOpen(url, name, attributes)
{
return (new Object());
}
window.open = SymWinOpen;
<snip>
As you can see, the begginings and endings of the server side code are
different to the code that was uploaded to the server from the local drive.
Anyone any ideas on why this should be the case, and what the extra code
should do?
The code changes not during the upload, but when accessing the page in
your browser. Disable your McAffee virus protection and it will come
back to normal. McAffee - and some other antivirus programs - shadows
several native window methods by loopholes (bogus functions), so in
case if you have to take extra boring steps to restore the original
references. (In my strong opinion some ears should be cut off for that
idea - and what a hell say window error collector has to do with a
virus protection?)
OK, I can view my pages fine in Firefox and Netscape, also IE 6.0 (and have
had reports to the same effect), but a user using IE 7.1 has reported that
when he views my pages he gets a security warning, saying "Do you want to
allow this website to access your clipboard".
That is nothing to do with with the "antivirus" vandalism, you must be
using some methods in your original code which are restricted for usage
in IE7.
Cerebral Believer wrote:
I am having some issues using a program that protects my
web pages (to a degree) using JavaScript (to print
screen/disable clipboard, caching text selection etc).
<snip>
Any attempt to cripple the facilities of the user's browser represent an
abuse, and all facilities that are employed abusively are likely to be
withdrawn over time. When these facilities are withdrawn or restricted
much that could have been usefully employed will be lost with them (and
lost to everyone). It is best to learn from history and not write or use
abusive scripts.
... - the pages on the rest of the site employ a similar
code, and also trigger security alerts for some reason in
IE7.1, but they were not designed to access clipboards, but
to stop people from doing screen captures while on my
site.
<snip>
Browsers provide no mechanism that will prevent the use of the clipboard
by the user. the only technique ever proposed that could make the user's
attempts to use their clipboard non-viable is for the script to be
continuously writing to the clipboard (thus overwriting anything that had
been added by the user. Obviously constantly writing to the clipboard is
accessing the clipboard and will trigger IE security alerts if their
security settings for the significant zone have clipboard access set to
"prompt". Clearly the default setting for scripted access to the
clipboard have been changed between IE 6 and 7, possibly prompted by
exactly this sort of script as its side effect is to destroy data that
belongs to the user without consent or warning.
Richard.
In article <vb*****************@newsfe7-win.ntli.net>, no**********@hadenoughalready.com says...
Hi folks,
I am having some issues using a program that protects my web pages (to a
degree) using JavaScript (to print screen/disable clipboard, caching text
selection etc). Below is the code for the page after it has been encrypted
on the local machine:
Oh dear. You've wasted your time.
--
Hywel http://kibo.org.uk/
"VK" <sc**********@yahoo.comwrote in message
news:11*********************@c28g2000cwb.googlegro ups.com...
>
Cerebral Believer wrote:
>function SymError() { return true; }
window.onerror = SymError;
var SymRealWinOpen = window.open;
function SymWinOpen(url, name, attributes) { return (new Object()); }
window.open = SymWinOpen;
<snip>
>As you can see, the begginings and endings of the server side code are different to the code that was uploaded to the server from the local drive. Anyone any ideas on why this should be the case, and what the extra code should do?
The code changes not during the upload, but when accessing the page in
your browser. Disable your McAffee virus protection and it will come
back to normal. McAffee - and some other antivirus programs - shadows
several native window methods by loopholes (bogus functions), so in
case if you have to take extra boring steps to restore the original
references. (In my strong opinion some ears should be cut off for that
idea - and what a hell say window error collector has to do with a
virus protection?)
>OK, I can view my pages fine in Firefox and Netscape, also IE 6.0 (and have had reports to the same effect), but a user using IE 7.1 has reported that when he views my pages he gets a security warning, saying "Do you want to allow this website to access your clipboard".
That is nothing to do with with the "antivirus" vandalism, you must be
using some methods in your original code which are restricted for usage
in IE7.
Thanks for the infor VK, that has set my mind at rest.
Regards,
C.B.
"Richard Cornford" <Ri*****@litotes.demon.co.ukwrote in message
news:eg*******************@news.demon.co.uk...
Cerebral Believer wrote:
>I am having some issues using a program that protects my web pages (to a degree) using JavaScript (to print screen/disable clipboard, caching text selection etc).
<snip>
Any attempt to cripple the facilities of the user's browser represent an
abuse, and all facilities that are employed abusively are likely to be
withdrawn over time. When these facilities are withdrawn or restricted
much that could have been usefully employed will be lost with them (and
lost to everyone). It is best to learn from history and not write or use
abusive scripts.
>... - the pages on the rest of the site employ a similar code, and also trigger security alerts for some reason in IE7.1, but they were not designed to access clipboards, but to stop people from doing screen captures while on my site.
<snip>
Browsers provide no mechanism that will prevent the use of the clipboard
by the user. the only technique ever proposed that could make the user's
attempts to use their clipboard non-viable is for the script to be
continuously writing to the clipboard (thus overwriting anything that had
been added by the user. Obviously constantly writing to the clipboard is
accessing the clipboard and will trigger IE security alerts if their
security settings for the significant zone have clipboard access set to
"prompt". Clearly the default setting for scripted access to the
clipboard have been changed between IE 6 and 7, possibly prompted by
exactly this sort of script as its side effect is to destroy data that
belongs to the user without consent or warning.
OK - I tested a few things out, I typed some meaning less data in notepad,
and then copied it to the clipboard, opened several browesrs, I couldn't
paste the text again until I had closed IE, but when tested with Firefox and
Navigator, I could copy and pase as normal.
Thanks for your explaniation it was a very helpful insight.
Regards.
CB
"Hywel Jenkins" <hy***********@gmail.comwrote in message
news:MP************************@news.eclipse.net.u k...
In article <vb*****************@newsfe7-win.ntli.net>, no**********@hadenoughalready.com says...
>Hi folks,
I am having some issues using a program that protects my web pages (to a degree) using JavaScript (to print screen/disable clipboard, caching text selection etc). Below is the code for the page after it has been encrypted on the local machine:
Oh dear. You've wasted your time.
Very helpful thanks!
Regards,
C.B.
"kudzai" <iw********@gmail.comwrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
>I visited this page http://www.futurebydesign-music.com/htmlprot/test.html, and sure enough
I couldn't highlight the text.
Then I disabled Javascript without reloading the page. Now I could
highlight and copy the text. I was using Firefox 1.5.0.7.
Wow,
Would you like an extra star on your birthday cake?
Regards,
C.B.
Cerebral Believer wrote:
"kudzai" <iw********@gmail.comwrote in message
news:11**********************@h48g2000cwc.googlegr oups.com...
I visited this page http://www.futurebydesign-music.com/htmlprot/test.html, and sure enough
I couldn't highlight the text.
Then I disabled Javascript without reloading the page. Now I could
highlight and copy the text. I was using Firefox 1.5.0.7.
Wow,
Would you like an extra star on your birthday cake?
Regards,
C.B.
Just trying to point out that this protection of yours appears faulty.
But, hey, disregard my comment if its that offensive.
kudzai. This discussion thread is closed Replies have been disabled for this discussion. Similar topics
2 posts
views
Thread by Halldor Isak Gylfason |
last post: by
|
15 posts
views
Thread by Davide R. |
last post: by
|
5 posts
views
Thread by ZildjianB |
last post: by
|
11 posts
views
Thread by Nathan Sokalski |
last post: by
|
7 posts
views
Thread by petermichaux |
last post: by
|
2 posts
views
Thread by RootShell |
last post: by
| | |
42 posts
views
Thread by lorlarz |
last post: by
| | | | | | | | | | |