SitePoint Sponsor

User Tag List

Results 1 to 16 of 16
  1. #1
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    How to disable right clicking on a page

    Hi,
    I have some pages that uses a page like header.asp. I put the following javascript in there in the head section to disable right-clicking on the pages:

    <script language="javascript" type="text/javascript">
    var message="Not Allowed!"

    function click(e) {
    if (document.all) {
    if (event.button == 2) {
    alert(message);
    return false;
    }
    }
    if (document.layers) {
    if (e.which == 3) {
    alert(message);
    return false;
    }
    }
    }
    if (document.layers) {
    document.captureEvents(Event.MOUSEDOWN);
    }
    document.onmousedown=click;
    }
    </script>

    It doesn't work. If I individually put it on a page, that works.
    How can I achieve this without doing it on each page?
    And any better code for this?
    Thanks.

  2. #2
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    You can't disable right click. Most browsers have an option enabled that disablers any attempt on the part of the web page to disable it.

    Also the code you have there doesn't block it from the keyboard at all (the menu key is usually immediately to the left of the right CTRL key.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  3. #3
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,189
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    This works fine for me

    Code JavaScript:
    function clickIE4(){
        if (event.button == 2){
            return false;
        }
    }
     
    function clickNS4(e){
        if (document.layers||document.getElementById && !document.all){
            if (e.which == 2 || e.which == 3){
                return false;
            }
        }
    }
     
    if (document.layers){
        document.captureEvents(Event.MOUSEDOWN);
        document.onmousedown = clickNS4;
    } else if (document.all&&!document.getElementById){
        document.onmousedown = clickIE4;
    }
     
    document.oncontextmenu = new Function("return false");

  4. #4
    Non-Member Kalon's Avatar
    Join Date
    Aug 2010
    Location
    At my computer
    Posts
    2,012
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can disable right-click using javascript but that can be easily by-passed by switching javacript off in the browser.

    If you are looking to stop users from viewing your source code or copying your web page images, then that can't be done.

    Even with right-click disabled, all I would have to do is select View->Source from the browser menu (and that you definitely can't stop) or take a screen dump of the screen by pressing the PrtScrn key on my keypad (and you can't disable that either) and saving the page's image in Photoshop.

    You should remember - once something appears in a user's browser, it is there to be copied if someone wants to and you simply cannot stop it. As a last resort anyone can just press their PrtScrn keypad key.

  5. #5
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by Kalon View Post
    You can disable right-click using javascript but that can be easily by-passed by switching javacript off in the browser.
    You don't even need to do that in most browsers because most browsers have a separate option for whether or not to allow pages to do that and most of those have it disabled. With those browsers you can easily have it run all the JavaScript but ignore the code that attempts to disable rightclick.

    For the one browser that doesn't have that option you can add your own option to your browser to re-enable it again whenever a page disables it - see http://javascript.about.com/library/blright.htm
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  6. #6
    Non-Member Kalon's Avatar
    Join Date
    Aug 2010
    Location
    At my computer
    Posts
    2,012
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by felgall View Post
    You don't even need to do that............
    ok thanks

    That's another way of bypassing attempts to disable right-clicks

  7. #7
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi,
    I found if I put oncontextmenu='return false;' in the body tag, it works. I tested in IE and Firefox.
    My goal is to disable it in an application so users can't go for a quick print. The address bar, toolbars are already hidden. Even though one can still get through these, but you know, restrict it as much as possible.
    Thanks for your feed backs.

  8. #8
    From space with love silver trophy
    SpacePhoenix's Avatar
    Join Date
    May 2007
    Location
    Poole, UK
    Posts
    5,000
    Mentioned
    101 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by n.huda View Post
    Hi,
    I found if I put oncontextmenu='return false;' in the body tag, it works. I tested in IE and Firefox.
    My goal is to disable it in an application so users can't go for a quick print. The address bar, toolbars are already hidden. Even though one can still get through these, but you know, restrict it as much as possible.
    Thanks for your feed backs.
    By "quick print" do you mean sending it to a printer? If so they can still quickly print a page on FireFox all they need to is:

    File -> Print
    Community Team Advisor
    Forum Guidelines: Posting FAQ Signatures FAQ Self Promotion FAQ
    Help the Mods: What's Fluff? Report Fluff/Spam to a Moderator

  9. #9
    SitePoint Wizard rguy84's Avatar
    Join Date
    Sep 2005
    Location
    Durham, NC
    Posts
    1,659
    Mentioned
    5 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by SpacePhoenix View Post
    By "quick print" do you mean sending it to a printer? If so they can still quickly print a page on FireFox all they need to is:

    File -> Print
    ctrl+p is faster ;-P
    Ryan B | My Blog | Twitter

  10. #10
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    As I mentioned, we don't show the address bar/menus/tools on the application window.
    So no question of going to File menu.
    And good point, we'll disable the ctrl+p as well.

  11. #11
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by n.huda View Post
    Hi,
    I found if I put oncontextmenu='return false;' in the body tag, it works. I tested in IE and Firefox.
    Did you go into the browser settings and disable the option for that code to run. That is disabled by default in Opera and so any attempt to override access to the context menu is automatically blocked in that browser unless the browser owner gives permission.

    All you are doing by placing these blocks on your site is to drive away legitimate visitors and encourage newbie thieves into stealing your content just so they can demonstrate how "clever" they are because they know how to bypass your ability to block their use of their own computer. Their simplest way assuming their browser doesn't have the options you are trying to use turned off in the first place is to simply click the button in their browser that turns off JavaScript on your page.

    Continue the way you are going and soon the only visitors you will have are those wanting to steal your content just because they can. All your legitimate visitors will have gone elsewhere where they don't have to put up with such stupidity.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  12. #12
    Programming Team silver trophybronze trophy
    Mittineague's Avatar
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,044
    Mentioned
    187 Post(s)
    Tagged
    2 Thread(s)
    ^ I have to agree. My intuition tells me that legitimate visitors will be annoyed by a site attempting to hijack their browser and the script-kiddies will see it as a challenge.

    In my experience I know of only one guaranteed way to prevent content theft and its so extreme I doubt many do it though there's no way to tell for sure.

  13. #13
    Non-Member Kalon's Avatar
    Join Date
    Aug 2010
    Location
    At my computer
    Posts
    2,012
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I haven't seen a website yet that can stop me from copying whatever I like from my browser window.

    As a last resort, I can just maximise the browser window (to get maximum resolution) and then press the PrtScrn key on my keyboard.

    I then create a new file in Photoshop from what has been copied to my clipboard (from PrtScrn) and I can then do whatever I like with what I copied from the browser window.

    You cannot disable the PrtScrn key on a user's keyboard.


  14. #14
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey Stephen and Mittineague,

    Thanks for your concern and advice.
    But I am afraid you guys do not have enough information to jump to the conclusion you have reached.

    1. "All you are doing by placing these blocks on your site is to drive away legitimate visitors and encourage newbie thieves into stealing your content just so they can demonstrate how "clever" they are because they know how to bypass your ability to block their use of their own computer"
    - Well this application is not for just any visitors from any place. We have a specific, small group of users. This is not a site open to public. So - please stop worrying about this. Think - why would we remove the address bar/menu/tools from the top, if we were expecting general visitors from everywhere?

    2. "Did you go into the browser settings and disable the option for that code to run. That is disabled by default in Opera......."
    - Forget about Opera. Since this is not open to everybody, application users are allowed only to use the great great IE and the semi-great FireFox (The first and The second, not there after). Plus, these guys are not technical like you are. We know most of them don't know how to change the settings. So, this is just a way to block them from quick print, as our client likes.

    3. "Continue the way you are going and soon the only visitors you will have are those wanting to steal your content just because they can. All your legitimate visitors will have gone elsewhere where they don't have to put up with such stupidity."
    - Really did not expect such arrogant and offensive comment from a senior person like you. You might have great experience and knowledge and I am just at the beginning of the tunnel, but knowledge supposed to make a person wiser. Not arrogant.

    Finally - have a good one.

    n.huda

  15. #15
    Programming Since 1978 silver trophybronze trophy felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, NSW, Australia
    Posts
    16,789
    Mentioned
    25 Post(s)
    Tagged
    1 Thread(s)
    Quote Originally Posted by n.huda View Post
    Since this is not open to everybody, application users are allowed only to use the great great IE and the semi-great FireFox (The first and The second, not there after).
    Okay so some new information - so this is for an intranet/extranet and not the internet and so you CAN apply the security settings that you require. (this statement of yours is the most important fact in connection with what you are trying to do and you didn't mention it until now and so you got the answers that relate to the 99.99999% of people who ask about doing this on the internet instead of the answers that are completely different and apply specifically to intranets/extranets).

    What you are trying to do will be easier if you restrict access to just Internet Explorer and block Firefox since IE is the only browser that can actually be tested for plus it is the only browser where you have the ability to encrypt the web page so that people can't view the source (you have to use the special encryptor that only Internet Explorer can decode as otherwise anyone can use a different browser to decrypt it). If you give access to Firefox then you can't ensure that the person has the menus and toolbars turned off since that facility is off by default and you can't stop someone loading a different browser and using that to bypass all your protection. Using the IE encryption option will make the page unviewable in any browser except IE with JScript enabled and you can therefore apply the security settings you want in IE in the knowledge that they can't be bypassed by switching to a different browser.

    The only disadvantage of the JScript encoder is that it doesn't work on Vista or Windows 7 and so your users would also need to be running XP or earlier to be able to view the pages - see http://msdn.microsoft.com/en-us/libr...sc(VS.85).aspx

    If your user group is not running IE on XP or earlier (where the IE encryptor can be used) then the only way you can actually block them from anything is to apply the blocks within their operating system itself.
    Stephen J Chapman

    javascriptexample.net, Book Reviews, follow me on Twitter
    HTML Help, CSS Help, JavaScript Help, PHP/mySQL Help, blog
    <input name="html5" type="text" required pattern="^$">

  16. #16
    SitePoint Member
    Join Date
    Sep 2010
    Posts
    10
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Lot of good information, will be very helpful.
    Thanks Stephen.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •