Javascript/AJAX in address bar

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • ShadowLocke
    New Member
    • Jan 2008
    • 116
    #1

    Javascript/AJAX in address bar

    Im afraid I may already know the answer to this..But i would like to hear from any one with some experience.

    Is there any way at all, to prevent/detect if javascript was run from the address bar as opposed to my js file. I have numerous AJAX functions that i just dont want run from the address bar. (I discovered this trick after most of the app was written) Granted..my audience wouldnt know what to do with this, but all you need is that one guy who just happens to know..and is not happy.

    Any Ideas?
    Tags: None
    • gits
      Recognized Expert Moderator Expert
      • May 2007
      • 5390
      #2
      since the javascript code is delivered to and executed at the client you cannot avoid such use of your code ... you could easyly run code from the address bar, from the firebug console or rewrite the page locally ... and: you just cannot avoid it ...

      kind regards

        Comment

        • rnd me
          Recognized Expert Contributor
          • Jun 2007
          • 427
          #3
          dont forget about greasemonkey and opera user-scripts.

          in short: resistance to open source if futile in javascript, if the browser can see it, so can they.

          that being said, you are free to make it inconvenient for users to do so.

          using const instead of var, running delete on support functions once the page loads, over-riding the .toString() method for some of your functions and variables can all help to deter/complicate 'tampering'.

          obfuscation and compression can help as well.

            Comment

            Previous template Next
            Working...