Jump to content
Claris Engage 2025 - March 25-26 Austin Texas ×

JavaScript: NN and IE right-click dissable


This topic is 7846 days old. Please don't post here. Open a new topic instead.

Recommended Posts

as the topic of the post said....

is there a way to apply a right-click disabeling on NN (mozilla based)AND IE?

NOT just newer versions of browsers...anyone can D/L older version and browse through your code!

so, any of you guys found a nice JS?

my IE contrib:


function disableRightClick(e)

{

  var message = "Right click disabled";

  

  if(!document.rightClickDisabled) // initialize

  {

    if(document.layers) 

    {

      document.captureEvents(Event.MOUSEDOWN);

      document.onmousedown = disableRightClick;

    }

    else document.oncontextmenu = disableRightClick;

    return document.rightClickDisabled = true;

  }

  if(document.layers || (document.getElementById && !document.all))

  {

    if (e.which==2||e.which==3)

    {

      alert(message);

      return false;

    }

  }

  else

  {

    alert(message);

    return false;

  }

}

disableRightClick();

thank you in Advance!

Link to comment
Share on other sites




 function right(e) {

 if (navigator.appName == 'Netscape' && 

 (e.which == 3 || e.which == 2))

 return false;

 else if (navigator.appName == 'Microsoft Internet Explorer' && 

 (event.button == 2 || event.button == 3)) {

 alert("Right click disabled");

 return false;

 }

 return true;

 }

 document.onmousedown=right;

 document.onmouseup=right;

 if (document.layers) window.captureEvents(Event.MOUSEDOWN);

 if (document.layers) window.captureEvents(Event.MOUSEUP);

 window.onmousedown=right;

 window.onmouseup=right;



  

Link to comment
Share on other sites

Oh I must attack you for this one smile.gif

In Czech Republic 99+% .......ha?! Internet=CZ/CR?

I guess its ok if you limit of IP ranges for CZ only

what about the rest of the world...I get about 10-15 router based attacks-weekly- from China...they can not even understand nor read the pages behind it...but YET some one is "drilling" and if downlading Mozilla build 1 or 2 or x is all they have to do to get the source code/site structure/db ...etc. makes me :??

I guees my follow up question would be :

Q:What is the real danger behind someone knowing the source code=DB,site structure...?

to my knowlede steps to follow/use:

-Web Security DB

-chromeless windows(source,status bar-links,navbar)

-no right click(source code)

-forced frames

-tokes_cookies

but all this still does not convice me that I am "secure"

what is your thought on all this?

Link to comment
Share on other sites

Did you check the security holes and problems and -raw syntax threads?

FM on web through WebCompanion *and* secure? If you are careful, use everything in your power and all full security protection like ExactSearch, then you are reasonably secured. But I wouldn't trust FM driven website with my CC numbers.

With Lasso -- yes, it is secure as anything else on web. It can be, depending on design 1000% more secure, than FM-WC combo can.

Link to comment
Share on other sites

It is not about how you use it.

FM hackers may use it and with XML or -raw query *everything* will be revealed.

There are ways to prohibit that. E.g. in Web Security db set Exact Search.

Or filter somehow out the -Raw and XML syntax, etc.

That thread is The Most Interesting Thread about FM on Web Security problems. Without implementing that, your *everything* is revealed.

Link to comment
Share on other sites

"There are ways to prohibit that. E.g. in Web Security db set Exact Search."

Q:I was wondering what to do if I *need to have search options such :equals,contains,begins....how would I protect from that? blush.gif}

thanx...

Link to comment
Share on other sites

I can think of some static value passed via tokens, which will be always included in searches and have "Exact Search".

We developed pretty good filter for cutting of this "hacking" syntax for Windows. Problem is that it filters also the communication between WC and WS Connector, so we disabled that.

FM on web has those holes there for years frown.gif

Link to comment
Share on other sites

...I guess this is the part when "you will not like FM" comes out.

I have used the token concept much like "session variable"(although its a "drag to drag them arround" and remeber) but that was used for "exact search" on "user-owned-created" records....

the issue kicks in when one has to search all the records...to my knowledge tokens can't help much when "lte" ir "gt" is abs. neccessary.

I don't know much about XML but I know it is a powerfull "trigger" to many XML compatible applications....the most worries I have is the execution of XML on a given IP or DB since FM likes XML....navigation-wise tokens work just fine!

...I feel like my neighboor from the top flor has just flushed "his goods" on me....well if nothing I learned some CDML; protecting it "would" frown.gif be nice....?!

Link to comment
Share on other sites

I guess you've got the idea. I was expecting FM would come with something better in v. 5.5 or 6.

But no, it is still clumsy or unsecured or both frown.gif

The investment in Lasso is worth if you don't have to use 8 bit languages like W-1250.

Link to comment
Share on other sites

This topic is 7846 days old. Please don't post here. Open a new topic instead.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.