Displaying Source Code(s)
Protect your Client Side Script with ASP
Description : This code will allow you to use ASP to check that
or just someone trying to steal your code. If the
request.servervariables(HTTP_REFERER) returns a page from your
request.servervariables(HTTP_REFERER) does not return a page
from your site you return an appropriate response of your own.
' Name: Protect your Client Side Script
' with ASP v1.1
' Description:This code will allow you t
' o use ASP to check that the request for
' request or just someone trying to steal
' your code. If the request.servervariable
' s("HTTP_REFERER") returns a page from yo
' if request.servervariables("HTTP_REFERER
' ") doesn't return a page from your site
' you return an appropriate response of yo
' ur own.
' Inputs:This is the basic idea laid out
' for you to examine. You will still have
' to do a little work to integrate it in t
' o your site but it isn't much more than
' copy and paste.
The Input Request.ServerVariables("HTTP_REFERER") which Is
automatically sent by the browser.
' VBScript if appropriate, if not a messag
' e to the user.
' Assumes:Pretty basic really, but if yo
' u have any questions then post them and
' I'll try to answer them. I'll be doing a
' n example of this on my site http://www.
' cjcraft.com someday :P
' Side Effects:It doesn't seem to work o
' n Netscape without setting up IIS to par
' se .js files like it does .asp. The user
' can still open the file from the user's
' cache unless you include:
Response.Expires = 60
Response.ExpiresAbsolute = Now() - 1
Response.CacheControl = "no-cache"
browser from saving a Local copy of the file.
It must be saved As a .ASP file Or it will Not work. Actually,
you can Set IIS server To read .js files just like it does .asp
files. This Is a good idea To hide your protection scheme For
any users who are trying bypass it. Then you could save it As a
If you Do this a lot more people will be stumped.
Of course you could just As easily protect your vbscript With
the technique too.
' This is to force file to open save as
' dialog box and not open in user's browse
' It would be even safer to have it as "
' badtype/badtype" instead of "text/javasc
' Set the line below to the page that wi
' ll be granted acess to the file
' You could change the test to allow all
' pages on your site access, etc.
If (Request.ServerVariables("HTTP_REFERER") = "http://www.mysite.com/myfolder/mypage.asp")
document.write(" ACCESS GRANTED @ <%=time%> <BR/>");
document.write(" request.servervariables("HTTP_REFERER") = "<%=Request.ServerVariables("HTTP_REFERER")%>"");
/* This Is where you put the message you want users To see In
/* I wouldn't use the bottom line since it will give away your
protection scheme and help */
/* users find a way To break it */
No soup For you.
Request.ServerVariables("HTTP_REFERER") = "<%=request.servervariables("HTTP_REFERER")%>"