Help support TMP


"(Help) Need script to hide URL" Topic


7 Posts

All members in good standing are free to post here. Opinions expressed here are solely those of the posters, and have not been cleared with nor are they endorsed by The Miniatures Page.

For more information, see the TMP FAQ.


Back to the Webmasters Plus Board


301 hits since 30 Apr 2008
©1994-2014 Bill Armintrout
Comments or corrections?

No Name02 Inactive Member27 Oct 2006 1:22 a.m. PST

We are looking to put a downloadable URL in the net.

It is going to be pay for access, so don't want the URL to be public.

Anyone know of scripts to hide the URL in browsers and stop 'Copy link' facility on a right click?

I have tried Googling this topic but no joy.

Personal logo mmitchell Sponsoring Member of TMP27 Oct 2006 1:44 a.m. PST

This will be difficult, but not impossible.

What technology are you using (ASP/PHP/ASP.NET)?

If you're just trying Javascript, you may be in for a world of problems…

hurcheon Inactive Member27 Oct 2006 1:45 a.m. PST

Justin

What you want is a NO RIGHT CLICK javascript and there are plenty of them out there. Instant Google on

javascript no right click

got me loads

However that won't protect against View Source

And you may wish to render your url in a Javascript Document.write statement so it is invisible UNLESS javascript is turned on since many, like me, have it turned off as a default

KatieL27 Oct 2006 3:53 a.m. PST

Even that stuff won't really help a lot.

Even if you can make a browser turn off view source, I can wander up to your webserver with a telnet session and GET the source. I can cut the Javascript out and run it through an interpreter and then, having got the URL, I can send HTTP GETs to get the resource.

You /cannot/ in any way trust client side code to do your security for you.


If your thing is that you want people to ONLY be able to look at the resource in a browser, and not save off a copy, you're probably onto a loser; any access method a browser uses, someone can spoof. At the limit, even naive users could just copy the resource out of their browsers cache directory…


If it's that you just want your AUTHORISED users to be able to download the resource, you have two issues; one is that once downloaded they can copy it. That can be solved, but only by using DRM systems which will limit your audience.

The second is preventing people from just emailing out the URL. This is doable by sending out tags to the customers. The server side script checks the tags haven't been used before. So even if someone sends it to their friend, they can't re-use the url.

{Solving the aggro of a user who initiates download, but his session breaks is an exercise for the reader. Probably involves allowing a restarted HTTP download to work from some offset into the file if the ident has been used before. Icky.}

hurcheon Inactive Member27 Oct 2006 4:19 a.m. PST

If you could guarantee your user uses only IE you could keep the new page in an IFrame and have the link start an app in the IFrame that then calls the new page.

And then use the no right click stuff

But that cuts out non-IE users

Like me

hurcheon Inactive Member27 Oct 2006 4:37 a.m. PST

Justin

Make the link a call to a Javascrip tfuntion

have that open a window with no address bar which loads up a page on your site

Once that opens up IT then redirects the URL to rhe page you want

I think you will still have problems with the browser history mind.

No Name02 Inactive Member27 Oct 2006 4:56 a.m. PST

Thanks folks.

I think it is solved.

Basically an html page has an asp script that checks the validity of the user and then that calls another asp script which does the job of downloading,

Seems to solve:

Viewing source, revealing URL and getting URL by right clicking.

KatieL, you are quite right once downloaded, we require honsty from the user not to copy and share. Fingers crossed, I trust most of my fellow wargamers.

We are making the cost (and ease of use) of a download low enough that there is no real reason to make illegal copies, unless you really are a cheapskate.

Sorry - only trusted members can post on the forums.