Disable buttons (F12)

Question

I would disable some buttons on my HTML test page, (F12, Right-click and Ctrl-U).

My code works, but F12 seems to be enabled and, when he is active (i mean, when i press and i see the "analysis page", Ctrl-U starts to works).

I've post the JavaScript code here, for some advices:

//  DX MOUSE
//============

var message="";

function clickIE() {if (document.all) {(message);return false;}}
function clickNS(e) {if
(document.layers||(document.getElementById&&!document.all)) {
if (e.which==2||e.which==3) {(message);return false;}}}
if (document.layers)
{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}

document.oncontextmenu=new Function("return false")


//  F12
//==========

  document.onkeypress = function (event) {
    event = (event || window.event);
    if (event.keyCode == 123) {
      // alert('No F-12');
      return false;
    }
  };


//    CTRL + U
//==============

  document.onkeydown = function(e) {
    if (e.ctrlKey &&
      (e.keyCode === 85)) {
          // alert('not allowed');
          return false;
        }
      };

P.S If i disable "alert": twice after clicking, appears popup on Mozilla and the code stops working.

If you're trying to disable view source, then give up now, it's not worth your effort. There are too many *other* (non browser) ways to get your source - eg `curl` `HttpClient` `ajax`. — freedomn-m, Jan 26 '18 at 12:32
It is generally a bad idea overriding the default behavior of web browser. https://stackoverflow.com/questions/12381563/how-to-stop-browser-back-button-using-javascript/12381873#12381873 . Try looking up kiosk mode or use electron (nodejs package) — Egy Mohammad Erdin, Jan 26 '18 at 12:33
Sorry my bad, its out of the topic. the kisok or electron, means the client need to run an executable file — Egy Mohammad Erdin, Jan 26 '18 at 12:37
Try to create another thread to show the alert with setTimeout to see what happen setTimeout(function(){/*alert*/}). — Leonardo Neninger, Jan 26 '18 at 12:41

score 2 · Answer 1 · answered Jan 26 '18 at 12:52

The big question is WHY?

Why would you try to prevent normal and well-known browser behavior? If you are trying to protect your front end source, this is no way to go. Anyone above entry level knowledge would be able to bypass this.

A far simpler solution is to minify and uglyfy your JS and it's more effective. It's by no means bulletproof, someone can still decompose and figure how your code works but you made his job harder.

All interactions with back should not be protected (at least not as only means of protection) on front-end anyway, do sanitization of data and actions on the backend where you can control the environment and are sure code and data is intact.

Everything on the front is exposed, nothing is safe, treat its information like you would treat a information obtained from a shady person selling crack on a corner.

That being said, let's answer the question:

$(document).keydown(function (event) {
    if (event.keyCode == 123) { 
        return false;
    }
});

If you still insist doing this you might wanna add into function above:

    if (event.ctrlKey && event.shiftKey && event.keyCode == 73) { 
        return false;
    }

To prevent ctrl shift i

And also somewhere in that toss a prevention of contextmenu event by calling preventDefault() when it happens;

Hi, the answer to your question is this: Recently I started selling my html templates on well-known commercial sites. it would bother me if someone managed to illegally take possession of it. I mean, I spend a lot of time in construction and design and I'd like to be reimbursed at the end. quite right? Primarily this is why I'm looking for some tricks to avoid it. Unfortunately I do not know many methods for the security of the source code (assuming they exist) and this is all that came to my mind. I know there are dedicated software, but I'm too ignorant on the subject to fight them. — sirut, Jan 27 '18 at 00:28
Fair enough, but bear in mind that any DOM parser or scraper will get your template in an instant the page is loaded. This method might fend off someone not tech savvy, but anyone with some experience under the belt will be able to steal your HTML template together with CSS with ease. Alternative is to show off images of your pages under different screen sizes or make a simple demo that only has a small part of total template / CSS / JS to show off to potential buyers. Also, you could make a video of the entire demo site. — DanteTheSmith, Jan 29 '18 at 08:50

Disable buttons (F12)

1 Answers1