Scrambing html source code

Eng Heong · 06-12-2000, 11:15 PM

Hi

I am using Frontpage 2000 to create my webpages.
In one of the pages is a password form, requesting for username and password.
I notice that anyone can view the html source code with the IE5.
Is there a way to scramble the html source code?

Thanks

Captain_Kirk · 06-13-2000, 05:51 PM

You can 'compress' it. But 'scrambling' would defeat the object of putting
stuff on the web.

"Eng Heong" <wpx@pacific.net.sg> wrote in message
news:3945993a$1@news.devx.com...
>
> Hi
>
> I am using Frontpage 2000 to create my webpages.
> In one of the pages is a password form, requesting for username and
password.
> I notice that anyone can view the html source code with the IE5.
> Is there a way to scramble the html source code?
>
> Thanks
>

T. Bradley Dean · 06-13-2000, 06:06 PM

You can use ASP.

Have the form go to an ASP page that processes the user name and password,
and then shows the results. If they view the results page, they won't see
any of the code used to check the password.

Captain_Kirk <Captain_Kirk@giantsfan.com> wrote in message
news:39469e0f@news.devx.com...
> You can 'compress' it. But 'scrambling' would defeat the object of putting
> stuff on the web.
>
> "Eng Heong" <wpx@pacific.net.sg> wrote in message
> news:3945993a$1@news.devx.com...
> >
> > Hi
> >
> > I am using Frontpage 2000 to create my webpages.
> > In one of the pages is a password form, requesting for username and
> password.
> > I notice that anyone can view the html source code with the IE5.
> > Is there a way to scramble the html source code?
> >
> > Thanks
> >
>
>

Chad Moore · 06-15-2000, 02:11 PM

You could hide the code... To do that you can make a frameset with only your
page in it, then on the actual page you can put a javascript to disable
right clicking.

This way, when you right click the page, there is no way to get to the "view
source" option, and if you go to the "view source" option in the browser's
menu, you get the frameset's source which will have only the name of the
page, no code.

"Eng Heong" <wpx@pacific.net.sg> wrote in message
news:3945993a$1@news.devx.com...
>
> Hi
>
> I am using Frontpage 2000 to create my webpages.
> In one of the pages is a password form, requesting for username and
password.
> I notice that anyone can view the html source code with the IE5.
> Is there a way to scramble the html source code?
>
> Thanks
>

T. Bradley Dean · 06-15-2000, 06:33 PM

But if you 'view source' it will give you the name of the file in the frame.
Type that into the browser and it will come up without the frame. Then just
'view source' again.

Chad Moore <chadm@mitem.com> wrote in message
news:39490db5$1@news.devx.com...
> You could hide the code... To do that you can make a frameset with only
your
> page in it, then on the actual page you can put a javascript to disable
> right clicking.
>
> This way, when you right click the page, there is no way to get to the
"view
> source" option, and if you go to the "view source" option in the browser's
> menu, you get the frameset's source which will have only the name of the
> page, no code.
>
>
> "Eng Heong" <wpx@pacific.net.sg> wrote in message
> news:3945993a$1@news.devx.com...
> >
> > Hi
> >
> > I am using Frontpage 2000 to create my webpages.
> > In one of the pages is a password form, requesting for username and
> password.
> > I notice that anyone can view the html source code with the IE5.
> > Is there a way to scramble the html source code?
> >
> > Thanks
> >
>
>

Chris Geirman · 06-15-2000, 07:26 PM

"Chad Moore" <chadm@mitem.com> wrote:
>You could hide the code... To do that you can make a frameset with only
your
>page in it, then on the actual page you can put a javascript to disable
>right clicking.
>
>This way, when you right click the page, there is no way to get to the "view
>source" option, and if you go to the "view source" option in the browser's
>menu, you get the frameset's source which will have only the name of the
>page, no code.
>

if you decide to go this route, you had better include a script that forces
each child page to be part of the frameset. Otherwise the saavy iBrowser
could view the source, grab the url of the child page (containing the code)
and load that into the browser independent of the frameset.

Jason Smith · 06-15-2000, 08:26 PM

If you are using IE5, and only IE5, you can use Microsoft encoding to encode
VBScript and JScript code. It isn't really very secure, but it will keep
most people of ages 12 and under from being able to figure out what you are
doing. If you want some ASP source code, let me know and I'll send it to
you (you can encode stuff on the fly in ASP).

It isn't a good idea to send a password down to the client for verification,
not in any circumstances, not even encoded. That person might be using the
same password for their domain log-on, or for other vital things. I will
assume that this is not what you were planning to do.

You can pass the name and password up to the server for verification. If
you do this, you should consider designing that part of your web application
using SSL (Secure Sockets Layer). That way, only the client machine and
the server machine know what was passed. Any snoops will get encrypted data.
If you do this with forms, there is no need to hide HTML or script. All
the important stuff is done on the server.

If you are really paranoid, have the user enter a name and a password the
first time they log in (when they register), and HASH the password. From
then on, HASH the password on the client, and only send the HASH-CODE to
the server, not the name and password. Heck, you now only need to store
the HASH on the server, and the password is lost forever (except to your
user). You still need to do identity verification using SSL or some other
form of encryption, since a hacker could log in with a name and a HASH.
But the user's password would not be compromised even if someone got access
to your server.

Hope that helps.

"Eng Heong" <wpx@pacific.net.sg> wrote:
>
>Hi
>
>I am using Frontpage 2000 to create my webpages.
>In one of the pages is a password form, requesting for username and password.
>I notice that anyone can view the html source code with the IE5.
>Is there a way to scramble the html source code?
>
>Thanks
>

Chris Karper · 06-15-2000, 09:05 PM

Just disable Javascript in your browser to defeat this scheme.

"Chad Moore" <chadm@mitem.com> wrote:
>You could hide the code... To do that you can make a frameset with only
your
>page in it, then on the actual page you can put a javascript to disable
>right clicking.
>
>This way, when you right click the page, there is no way to get to the "view
>source" option, and if you go to the "view source" option in the browser's
>menu, you get the frameset's source which will have only the name of the
>page, no code.
>
>
>"Eng Heong" <wpx@pacific.net.sg> wrote in message
>news:3945993a$1@news.devx.com...
>>
>> Hi
>>
>> I am using Frontpage 2000 to create my webpages.
>> In one of the pages is a password form, requesting for username and
>password.
>> I notice that anyone can view the html source code with the IE5.
>> Is there a way to scramble the html source code?
>>
>> Thanks
>>
>
>

killboy poowerhead · 06-15-2000, 11:23 PM

"Chad Moore" <chadm@mitem.com> wrote:
>You could hide the code... To do that you can make a frameset with only
your
>page in it, then on the actual page you can put a javascript to disable
>right clicking.
>
>This way, when you right click the page, there is no way to get to the "view
>source" option, and if you go to the "view source" option in the browser's
>menu, you get the frameset's source which will have only the name of the
>page, no code.
>
>
>"Eng Heong" <wpx@pacific.net.sg> wrote in message
>news:3945993a$1@news.devx.com...
>>
>> Hi
>>
>> I am using Frontpage 2000 to create my webpages.
>> In one of the pages is a password form, requesting for username and
>password.
>> I notice that anyone can view the html source code with the IE5.
>> Is there a way to scramble the html source code?
>>
>> Thanks
>>
>
>

Rohit Wason · 06-16-2000, 01:30 AM

>You could hide the code... To do that you can make a frameset with only your
>page in it, then on the actual page you can put a javascript to disable
>right clicking.

I think using .js file is a better option. Or you can use two frames - one
having the vital validation code (in case you don't want to use ASP or any
other Server Scripting) and the other having the user-interface.

Disabling the right click wont help - how about the View->Source menu option?
and how about the context menu shortcut key on the Miscrosoft KeyBoard??
:-)

Rohit

Sheldon Livingston · 06-16-2000, 10:30 AM

I don't believe you can 'disable' the right click on older browsers.

"Chad Moore" <chadm@mitem.com> wrote:
>You could hide the code... To do that you can make a frameset with only
your
>page in it, then on the actual page you can put a javascript to disable
>right clicking.
>
>This way, when you right click the page, there is no way to get to the "view
>source" option, and if you go to the "view source" option in the browser's
>menu, you get the frameset's source which will have only the name of the
>page, no code.
>
>
>"Eng Heong" <wpx@pacific.net.sg> wrote in message
>news:3945993a$1@news.devx.com...
>>
>> Hi
>>
>> I am using Frontpage 2000 to create my webpages.
>> In one of the pages is a password form, requesting for username and
>password.
>> I notice that anyone can view the html source code with the IE5.
>> Is there a way to scramble the html source code?
>>
>> Thanks
>>
>
>

Mike · 06-16-2000, 10:31 AM

Couldn't you just look at the <FRAMESET> source code to see which pages are
being pulled into each frame and copy the name of the page you want into
the address bar? From there it would bring up the page out of the frame and
the source would then be viewable.

"Chad Moore" <chadm@mitem.com> wrote:
>You could hide the code... To do that you can make a frameset with only
your
>page in it, then on the actual page you can put a javascript to disable
>right clicking.
>
>This way, when you right click the page, there is no way to get to the "view
>source" option, and if you go to the "view source" option in the browser's
>menu, you get the frameset's source which will have only the name of the
>page, no code.
>
>
>"Eng Heong" <wpx@pacific.net.sg> wrote in message
>news:3945993a$1@news.devx.com...
>>
>> Hi
>>
>> I am using Frontpage 2000 to create my webpages.
>> In one of the pages is a password form, requesting for username and
>password.
>> I notice that anyone can view the html source code with the IE5.
>> Is there a way to scramble the html source code?
>>
>> Thanks
>>
>
>

Sheldon Livingston · 06-16-2000, 10:37 AM

I believe the .js file is downloaded to the temporary internet files folder...

"Rohit Wason" <rohitw@futuresoftindia.com> wrote:
>
>>You could hide the code... To do that you can make a frameset with only
your
>>page in it, then on the actual page you can put a javascript to disable
>>right clicking.
>
>I think using .js file is a better option. Or you can use two frames - one
>having the vital validation code (in case you don't want to use ASP or any
>other Server Scripting) and the other having the user-interface.
>
>Disabling the right click wont help - how about the View->Source menu option?
>and how about the context menu shortcut key on the Miscrosoft KeyBoard??
>:-)
>
>Rohit

Don W · 06-28-2000, 03:54 PM

Just create an include file, either a .js or .htm..... Then put that file
in _scriptlibrary or a protected folder. Then no one will have access to
it! When you view source the user will see the name of the include file,
but doesn't see the actual code for it, nor does he/she have access to it!

D

"Mike" <mcox@americantelnet.com> wrote:
>
>Couldn't you just look at the <FRAMESET> source code to see which pages
are
>being pulled into each frame and copy the name of the page you want into
>the address bar? From there it would bring up the page out of the frame
and
>the source would then be viewable.
>
>
>"Chad Moore" <chadm@mitem.com> wrote:
>>You could hide the code... To do that you can make a frameset with only
>your
>>page in it, then on the actual page you can put a javascript to disable
>>right clicking.
>>
>>This way, when you right click the page, there is no way to get to the
"view
>>source" option, and if you go to the "view source" option in the browser's
>>menu, you get the frameset's source which will have only the name of the
>>page, no code.
>>
>>
>>"Eng Heong" <wpx@pacific.net.sg> wrote in message
>>news:3945993a$1@news.devx.com...
>>>
>>> Hi
>>>
>>> I am using Frontpage 2000 to create my webpages.
>>> In one of the pages is a password form, requesting for username and
>>password.
>>> I notice that anyone can view the html source code with the IE5.
>>> Is there a way to scramble the html source code?
>>>
>>> Thanks
>>>
>>
>>
>