SitePoint Sponsor

User Tag List

Results 1 to 21 of 21

Thread: Source Code

  1. #1
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Source Code

    Ok, i have a feeling this thread is going to annoy someone..hope not.

    Anyway, you know view -> source shows client side code. Is there any way i can encrypt a part of the code or make it remotely unviewable from prying eyes without using a server side language? It's just a query, but the site im developing has a lot of server side PHP and i wan't to experiment with security a little.

    I'd be happy to here your comments on this (please don't shout ).

    Regards,

    James
    If knowledge is power - Why isn't our army librarians?!
    Statistics show that 63% of all statistics are fake.
    When i was little i broke my neck, and i havent looked back since .
    I completed the internet in 1 week. The end boss was pretty easy though .

  2. #2
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Also, i would take any suggestions on some security suggestions for my website .
    If knowledge is power - Why isn't our army librarians?!
    Statistics show that 63% of all statistics are fake.
    When i was little i broke my neck, and i havent looked back since .
    I completed the internet in 1 week. The end boss was pretty easy though .

  3. #3
    SitePoint Addict
    Join Date
    Jan 2004
    Location
    Colorado Springs
    Posts
    308
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP coding should automatically disappear after the page is generated.

  4. #4
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I know, but i want other ways apart from server-side scripting, Im tyring to experiment with security, just using PHP/MySQL is boring .
    If knowledge is power - Why isn't our army librarians?!
    Statistics show that 63% of all statistics are fake.
    When i was little i broke my neck, and i havent looked back since .
    I completed the internet in 1 week. The end boss was pretty easy though .

  5. #5
    SitePoint Zealot
    Join Date
    Apr 2004
    Location
    next to a pc connected to the poweroutlet
    Posts
    126
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Your talking HTML/Javascript etc. Its not possible there are programs out there that do it, but there are programs out there even browsers (Mozilla) that can get rid of it and see the source code. Basically its just a waste of time. If you dont want people to view the HTML then dont have a site up its as simple as that.

  6. #6
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, ive arrisen from the original query to a new one :

    Are there any different methods of web security other than making things server-side. Im looking to enhance and experiment with my security on the website.
    If knowledge is power - Why isn't our army librarians?!
    Statistics show that 63% of all statistics are fake.
    When i was little i broke my neck, and i havent looked back since .
    I completed the internet in 1 week. The end boss was pretty easy though .

  7. #7
    SitePoint Member
    Join Date
    Aug 2004
    Location
    GA
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    http://www.atrise.com/

    Atrise HTML Lock, it encrypts the html.

  8. #8
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Awesome.

    I'll give it a look .

    Regards,

    James .
    If knowledge is power - Why isn't our army librarians?!
    Statistics show that 63% of all statistics are fake.
    When i was little i broke my neck, and i havent looked back since .
    I completed the internet in 1 week. The end boss was pretty easy though .

  9. #9
    masquerading Nick's Avatar
    Join Date
    Jun 2003
    Location
    East Coast
    Posts
    2,215
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well I do think it is pointless to try and hide your source code. Nobody will be able to see the real coding - the server side stuff. And as far as the client side stuff, all that is pretty basic so I don't see why you would want to hide it anyways. Not like they will be able to use it to hack your site or anything.

    Besides, when I was an aspiring beginning web developer, I learned a lot from viewing the source codes of websites, and I encourage beginners to do the same.
    Nick . all that we see or seem, is but a dream within a dream
    Show someone you care, send them a virtual flower.
    Good deals on men's watches

  10. #10
    SitePoint Member
    Join Date
    Aug 2004
    Location
    Everett
    Posts
    3
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    xICE Web Protection
    http://www.xice.net/webprotect.html

    Client-side encryption with a password. It's the best bet for keeping it all secure. It doesn't store the password in the code so it's not really breakable by standard methods.

  11. #11
    SitePoint Zealot
    Join Date
    Apr 2004
    Location
    next to a pc connected to the poweroutlet
    Posts
    126
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I cant remember the link however all HTML encryption has all been broken that i know about. Like i said if you want HTML encrypted than you shouldnt have it online.

  12. #12
    <? james('rules'); ?>
    Join Date
    Jun 2004
    Location
    Wales, UK
    Posts
    788
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ah most of you are misunderstanding me .

    I use server side scripting a lot. I like using it for security, and its just makes your web pages better. But thats the only real site security i have. I was trying to experiment with other security methods..not hiding my source code. Thats pointless, and a waste of time.
    Really im thinking of taking up a new language now, probably ASP. That looks challenging but would be a change from PHP/MySQL.

    Regards,

    James
    If knowledge is power - Why isn't our army librarians?!
    Statistics show that 63% of all statistics are fake.
    When i was little i broke my neck, and i havent looked back since .
    I completed the internet in 1 week. The end boss was pretty easy though .

  13. #13
    SitePoint Wizard dethfire's Avatar
    Join Date
    Aug 2000
    Posts
    2,477
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If fortune 500 companies aren't hiding their code, then you don't need to either
    Free Science Homework Help
    http://www.physicsforums.com

  14. #14
    SitePoint Addict myrdhrin's Avatar
    Join Date
    Jul 2004
    Location
    Montreal
    Posts
    211
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What is it your trying to protect? The logic? The layout? The information?

    HTML and most browser based application are script... and scripts must be in a readable form in order for the browser to do something with them...

    Then again... I'd say that if there are portions of a web application that truly needs protection (let's say because of a patent) you might be better off setting those protected section into a java applet.

    While it does not ensure that the nobody can retrieve the logic I heard that java can be encrypted more easily (it's bitecode after all, not scripting).

    Another solution would be to generate the protected information in a PDF format. If you go on Adobe (I know... big big company) they have extensions that can be used to encrypt your document and prevent some usage (like printing, saving, copying, etc.)

    It all depends on the purpose....
    Jean-Marc (aka Myrdhrin)
    M2i3 - blog - Protect your privacy with Zliki

  15. #15
    SitePoint Enthusiast yodaddy's Avatar
    Join Date
    Aug 2004
    Location
    georgetown, tx
    Posts
    86
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by 1337-Dev
    Ah most of you are misunderstanding me .

    I use server side scripting a lot. I like using it for security, and its just makes your web pages better. But thats the only real site security i have. I was trying to experiment with other security methods..not hiding my source code. Thats pointless, and a waste of time.
    Really im thinking of taking up a new language now, probably ASP. That looks challenging but would be a change from PHP/MySQL.

    Regards,

    James
    James,
    Your comments are confusing.

    "I use server side scripting a lot. I like using it for security, and it just makes your web pages better."

    What the heck do you mean by that? How do those two comments equate? (PHP != site security , PHP by itself != better web pages)

    "Really im thinking of taking up a new language now, probably ASP. That looks challenging but would be a change from PHP/MySQL."

    Hope you aren't trying to make a distinction that ASP is going to give you more security or something.

    I must be confused...

  16. #16
    SitePoint Enthusiast
    Join Date
    Aug 2004
    Location
    around
    Posts
    72
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    confusing is right!

    you dont get security from server side languages. if your more specific you get better answers. also go asp.net or java over classic asp just for the sake of new is better than old.

    if you wanna experiment with keeping data secure try xml files outside the web root, thats something fun i've been playing with lately.

  17. #17
    SitePoint Enthusiast
    Join Date
    Aug 2004
    Location
    Work
    Posts
    30
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    There's always a way to get past it. Don't even bother trying to encrypt it.

  18. #18
    SitePoint Addict
    Join Date
    Aug 2004
    Location
    California
    Posts
    267
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think all he meant by "security" was hiding the client-side source.

  19. #19
    SitePoint Member
    Join Date
    Sep 2004
    Location
    Phoenix, Arizona
    Posts
    0
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Actually, I was looking for information about this as well. Some of us do have a vaild reason to encrypt HTML. My reason?

    Well, I develope functional online businesses, ecommerce sites, etc... which I then advertise and sell fairly easily. Now, all of my sites are of my own design, and I have hundreds of people viewing each site in about a 3 day time period.

    What's to stop Mr. Thief from just stealing the code / design / images and using it without buying it? I know HTML encryption isnt exactly fool-proof. But to the average internet user just trying to steal my work instead of paying for it isn't going to take the time to break the encryption. They'll just move on and find a site that they CAN rip off.

    So, for us who sell 5-10 websites each week, and base their entire income around it, HTML encryption IS worthwhile!

  20. #20
    With More ! for your $ maxor's Avatar
    Join Date
    Feb 2004
    Location
    Scottsdale, Arizona
    Posts
    909
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If people are stealing your design, code and images that's a violation of copyright law. You don't need to encrypt your source code.

  21. #21
    SitePoint Zealot
    Join Date
    Apr 2004
    Location
    next to a pc connected to the poweroutlet
    Posts
    126
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by ZeroFate
    Actually, I was looking for information about this as well. Some of us do have a vaild reason to encrypt HTML. My reason?

    Well, I develope functional online businesses, ecommerce sites, etc... which I then advertise and sell fairly easily. Now, all of my sites are of my own design, and I have hundreds of people viewing each site in about a 3 day time period.

    What's to stop Mr. Thief from just stealing the code / design / images and using it without buying it? I know HTML encryption isnt exactly fool-proof. But to the average internet user just trying to steal my work instead of paying for it isn't going to take the time to break the encryption. They'll just move on and find a site that they CAN rip off.

    So, for us who sell 5-10 websites each week, and base their entire income around it, HTML encryption IS worthwhile!
    If its designs and potential clients are only viewing it why not take a screen capture or something like that and put a logo stamp across the middle firstly the give the basic idea and secondly to stop users stealing source.

    As for the topic starter, theres no such thing as a language that is more secure then the other. A program is only as secure as the programmer programmed it, so if they left important things like SQL checking out they are vunerable to SQL injects etc. The language itself has nothing to do with it.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •