Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have this script that starts with <script> and finishes with </script>
People can actually see it if they go to the source code of the page.
Is there a way to avoid that? I mean to make that code invisible as if it where PHP?
Edit: Now that you’ve added a comment that says what you’re actually trying to protect is the URL of a video (why don’t people just say what they’re really trying to do in their question?).
The answer is that you can’t protect a video URL that you play in a web page. That can easily be seen lots of ways. Any of the browser debugging tools will show all network traffic to/from the browser which will easily disclose the video URL.
If what you really want to do is to prevent direct linking of the video, then there are some techniques (none of which are foolproof) you can use to prevent most directly linking. If you do a Google search for “prevent direct linking”, you will find a lot of articles that discuss this concept. The two techniques I’ve seen used are:
All javascript in your web page will be visible to anyone who wants to see it.
The only way to truly hide an algorithm is to put it on the server, execute it on the server and either put the result in the web page as it’s rendered by the server or use an ajax call to retrieve it.
Because of the way Javascript works in the browser, the code must be available to the browser in order to run it. If it’s available to the browser, then it’s available to any person who wants to see it.
There are some things you can do to make it more difficult for people to see your javascript, but these are only obstacles that will slow someone down or make them take more time to understand your code, but they can all be overcome by anyone who has enough persistence to do so.
The simplest thing you can do is to minimize your code by running it through one of the free popular minimizer tools (Google Closure or Yahoo’s minimizer and there are many others). These tools main goal is to reduce the size of your javascript code, but in the process they also make it a lot less readable by removing indentation, line breaks, renaming local symbols to something short and meaningless, etc…
There are also obscuration tools that purposely obscure your javascript code to make it more difficult to see/understand.
I repeat though. All of these tools can ultimately be defeated and the most they do to thwart a determined snooper is slow them down.
If you really want to protect an algorithm or trade secret or secret code or something like that, you have to put the algorithm on the server and have the code execute only on the server so that the browser can only see the result, not the actual code.
FYI, in most cases, it’s never as important to protect your actual code as people think it is. Business success is not achieved by keeping secrets, but rather by getting known and by meeting the needs of customers at an appropriate price.