hello, I suppose what I whan to do should be impossible, but maybe you know any way to do it! I have all my javascript functions in functions.js, I would like to forbid the user write: http://whatever.com/funtions.js and see the script. It's clear that the browser must read the script in order to execute it, so, I cant change the permissions. Does it exist any way? Thanks!
This is a terrible idea. If you still want to do it, you could wrap it in a PHP script or something and force no-cache headers, enforce referrers required to view it from your main pages. (note, it will break your site for every single Norton/some NOD32/any firewall that drops referrer) e: i'd like to reiterate that this is a very very very bad idea and is nowhere near foolproof and that JavaScript is client side scripting. if you don't want to show code, then do it all server side at the expense of a few reloads or whatever, don't do it with javascript
There is no way to completely hide your javascript. Firebug and other tools can always get in to it. Even if you wrap it in PHP it won't be hidden. Best you can do is encrypt it. That is not full proof either. It just makes it harder on the developer to read. http://www.protware.com/
it's not that bad, and you can have graceful degradation - define a variable 'hasworked = true;' and check for it after the <script> tag goes for the php, if not true, tell them to disable their anti virus anyway, it's the correct response, rep++