can i hide the html source code from the browser view source?

Question

I want to know can i hide the source code(special for HTML PAGE) from browsers.viewsource ? if yes than how ?
And if no than other way to secure my page code ?

Answer 1

No you cant do that.It is impossible to effectively hide the HTML.

You can read this as this will give you some other alternatives to secure your page.

Source Code Padding

Really, the oldest trick in the book. It involves adding a ton of white space before the start of your code so that the view source menu appears blank. However, must all people will notice the scroll bars and will scroll around to find your code. As pointless and silly as this method is, there are some still who use it.

No Right Click Scripts

These scripts stop users from right-clicking, where the "View Source" function is located. Cons: Notoriously hard to get working across browsers and to actually work properly. The right-click menu, or context menu, includes many helpful tools for users, including navigation buttons and the "Bookmark Page" button. Most users don't take kindly to having their browser functionality disabled and are inclined not to revisit such pages. The View Source function is also available through the top Menu. At the main menu bar at the top of your browser, select View, and then in the sub-menu, you'll see "View Source" or something similar. Also, there are keyboard shortcuts like Ctrl+U that can be used to view source. All this method does is add about a two second delay to someone trying to view your source and it does irritate users who aren't trying to view your source.

"JavaScript Encryption"

This is by far the most popular way to try to hide one's source code. It involves taking your code, using a custom made function to "encrypt" it somehow, and then putting it in an HTML file along with a function that will decrypt it for the browser. A User is able to view the source, however, it isn't understandable. Cons: Your website is only usable for users with JavaScript enabled. This rules out search engines, users who've chosen to disable JavaScript, and users using a textual browser (such as the blind) that doesn't have JavaScript capabilities. Remember, JavaScript is a luxury, not a necessity on the web. You have to include a means of decrypting the page so the browser can display it. Someone who understands JavaScript can easily decrypt the page. Many browsers provide alternative ways around this. Some allow you to save the page, decrypted for easy viewing later. Others, like FireFox, include tools like the DOM Inspector, which allows you to easily view and copy the XML of the page, decrypted.

HTML Protection Software

There are some less than honest people who want to sell you software to quickly and conveniently "protect" your source code. This type of software generally employs the above methods, in varying ways, to hide your source code. Many people think that if they are buying it, it must work. It doesn't. As we've seen, the above methods are all easily circumvented, and all this software does is implement these horribly flawed methods for you and take your money. Don't fall for them, I've yet to see a single one that's worked, and they never will.

Copied the content if in case the link goes dead in future.

Answer 2

If you are only trying to hide your HTML, you could create an empty DIV tag within your body tag and then use an ajax call back to your server to retrieve the rest of the HTML. Then you would do an insert into the div tag with document.getElementById("div").innerHTML = ajax_content to populate the div with your content.

This will only hide your HTML from content authors who do not know about ajax/javascript coding. If they try to view the page source, they should only see the empty div tag.

This method is only a deterrent, not avoidance.

Answer 3

As others said, you can't hide your code to the client because on the web, the client download all your html, javascript et css to be able to display it in its browser.

The only thing you could do is to obfuscate and minimze your code when building a release version of your website.

That way, you'll complicate the work of the "hacker" who trys to steal your code. http://en.wikipedia.org/wiki/Obfuscation_(software)

http://en.wikipedia.org/wiki/Minification_(programming)

Here's a example of Google's obfuscated code

var _=_||{};(function(_){var window=this;
try{
var aaa;var cb;_.ha=function(){return function(a){return a}};_.wa=function(){return function(){}};_.xa=function(a){return function(b){this[a]=b}};_.ya=function(a){return function(){return this[a]}};_.Aa=function(a){return function(){return a}};_.Fa=function(a,b,c){a=a.split(".");c=c||_.Ga;a[0]in c||!c.execScript||c.execScript("var "+a[0]);for(var d;a.length&&(d=a.shift());)a.length||void 0===b?c=c[d]?c[d]:c[d]={}:c[d]=b};
_.La=function(a,b){for(var c=a.split("."),d=b||_.Ga,e;e=c.shift();)if(null!=d[e])d=d[e];else return null;return d};_.Ma=function(){};_.Oa=function(a){a.H=function(){return a.JS?a.JS:a.JS=new a}};
_.Pa=function(a){var b=typeof a;if("object"==b)if(a){if(a instanceof Array)return"array";if(a instanceof Object)return b;var c=Object.prototype.toString.call(a);if("[object Window]"==c)return"object";if("[object Array]"==c||"number"==typeof a.length&&"undefined"!=typeof a.splice&&"undefined"!=typeof a.propertyIsEnumerable&&!a.propertyIsEnumerable("splice"))return"array";if("[object Function]"==c||"undefined"!=typeof a.call&&"undefined"!=typeof a.propertyIsEnumerable&&!a.propertyIsEnumerable("call"))return"function"}else return"null";
else if("function"==b&&"undefined"==typeof a.call)return"object";return b};_.Ra=function(a){return void 0!==a};_.Ta=function(a){return"array"==(0,_.Pa)(a)};_.Ua=function(a){var b=(0,_.Pa)(a);return"array"==b||"object"==b&&"number"==typeof a.length};_.Va=function(a){return"string"==typeof a};_.Ya=function(a){return"number"==typeof a};_.Za=function(a){return"function"==(0,_.Pa)(a)};_.ab=function(a){var b=typeof a;return"object"==b&&null!=a||"function"==b};_.bb=function(a){return a[cb]||(a[cb]=++aaa)};
var baa=function(a,b,c){return a.call.apply(a.bind,arguments)};var caa=function(a,b,c){if(!a)throw Error();

Answer 4

1. add htaccess password for that page. If user can access page and if page is HTML, then user can see source. But user can not see code if he can not access page :)
2. convert html to image and display it instead of html. There will be no code left for user.

3. use flash version. user will be able to download flash, but is is harder (still possible?) to extract source.

   • all above are not right ways to go. Focus about providing good content, not hiding it.
   • disable right click is useless.
   • obfuscation will not hide code, but user will need more time to get it.

Answer 5

You can't. You can make it a slight bit tricky to use the right-click menu on a page, but it remains trivial to access the source of the page. Don't expect to "secure" the code of your page.