RE: [CGI] Hide Source?
: -Original Message- : From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf : Of Andre` Niel Cameron : Sent: Thursday, December 20, 2001 6:54 PM : To: [EMAIL PROTECTED] : Cc: [EMAIL PROTECTED] : Subject: [CGI] Hide Source? : : : HI, : : I needs some tips and or place to find code to hide my source code. not : just encrypt the perl scripts but to disable the view source so people can : not see my query_string calls and html source. Does ANYONE have a : solution? You can't do that. Sorry, Andre`. When you make a document public on the net, you can never keep it private from everyone all of the time -- no matter what you do, because it is public. Look at the top of the source from HTML pages on prominent websites and personal homepages alike, and you'll see that they all say something like this: http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> the key word here being 'PUBLIC'. -Tommy Butler, consultant Atrixnet, for Internet Business Software http://atrixnet.com 2200 North Lamar Suite 307 Dallas, TX 75202 -- Visit the open source Perl archives at Atrixnet http://www.atrixnet.com/pub/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [CGI] Hide Source?
Hmmm - here is an interesting idea on the HTML source side of things, but realize that HTTP servers were meant to serve documents and browsers built to know and interpret and reveal the sources thereof. That said... Some people "right click" and use the pop-up menu when trying to view a source, you can use JavaScript to disable that, and then pop your pages up in a custom window with no menubar. You can also put a whole bunch of white space before your tags to make your source look blank. Both of these are easily bypassed and you'll probably alienate a LOT of people doing these anyway. Use JavaScript document write() to make your page and then include that file from a different file, which might thwart maybe a few people as well. I don't think that these methods are worth the effort. How bout storing critical data on the server side?? -Original Message- I needs some tips and or place to find code to hide my source code. not just encrypt the perl scripts but to disable the view source so people can not see my query_string calls and html source. Does ANYONE have a solution? Regards, Andre` C. Technical Support of Jann.com. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [CGI] Hide Source?
Folks, speaking of javascript, visit http://www.ultracgis.com/cgi-bin/UrlReaper I wrote a simple UserAgent that doesn't understand javascript. Try to deal with it now. It's another proof that if someone wants to view your HTML, he/she can by any means possible. jonl: Some people "right click" and use the pop-up menu when trying to view a jonl: source, you can use JavaScript to disable that, and then pop your pages up I can also turn Javascript off in my Netscape browser and disable the javascript itself. So as Jon mentioned, keep all your critical values in the server. Your filesytem is something that you can protect, not html pages that you are writing for the browser to read -- Sherzod Ruzmetov <[EMAIL PROTECTED]> http://www.UltraCgis.com, Consultant 989.774.6265 010010100101010101001100 ++ | There is nothing wrong with your tools.| | But we can make a better one. | ++ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Script expiring
Hi, I have a scheduled task that generate a script each 10 minutes The problem is the following: When i access this script via browser it is ok... but when the task runs, it apear in the screen that the script produced no output... So i have to reload it... is there a way to avoid it??? Thanks in advance, Wagner -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Hide Source?
Hi, On Thu, 20 Dec 2001, Andre` Niel Cameron wrote: > Ok people dont get this. I am making a game and I dont want them to be able > to see form fields and function calls/quer_strings so I can prevent > cheating! Well any way I have a related question, with java script I can > load a window with no menu bars,address bar etc can perl do the same if so > please let me know how:) HTML source is sent to the client and once the client has it, it has it. You can't send it then hide it. You can play tricks with Javascript but that's like using a $00.50 lock. Try using Java or Flash if it is that critical that no one use source to get an advantage playing the game. In other words, avoid an HTML/CGI application. Read the HTTP RFC for details on the interaction between the server and client. Lisa Wolfisch Nyman <[EMAIL PROTECTED]> IT Warrior Princess "Life is too short to wear ugly underwear." Get the facts at http://quickfacts.census.gov/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
cgi error - can't figure out
i am getting this error message in my apache error_log when i try to upload a file... CGI.pm: Server closed socket during multipart read (client aborted?) i do not abort the upload. i get this error as soon as i hit my "upload" button. weird, i can upload smaller files no problem. files that are between 10-40k are no problem. when i upload 100-400k, i get this error immediately. is this an apache configuration issue? matt -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [CGI] Hide Source?
> -Original Message- > From: Andre` Niel Cameron [mailto:[EMAIL PROTECTED]] > Sent: Thursday, December 20, 2001 10:34 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: [CGI] Hide Source? > > > Ok people dont get this. I am making a game and I dont want > them to be able > to see form fields and function calls/quer_strings so I can prevent > cheating! Forget about all the disabling "view source", et al. To prevent "cheating" you need to: 1. Store the "secret" data on the server and use a session key of some sort that the client can pass back with each request to tie back to the secret data. 2. Compute a message digest (e.g. MD5) over the session key to prevent tampering. For an excellent treatment of these subjects, see Lincoln Stein's "Writing Apache Modules with Perl and C". If the game runs entirely on the client (JavaScript), then you're out of luck. > Well any way I have a related question, with java > script I can load a window with no menu bars,address > bar etc can perl do the same if so please let me know how:) This is an orthogonal question. Perl runs on the server, JavaScript runs on the the client. So, no Perl can't load a window without menu bars, etc. But Perl can create responses that contain JavaScript or other client-side constructs to achieve that result. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Script expiring
> Hi, > > I have a scheduled task that generate a script each 10 minutes > > The problem is the following: > > When i access this script via browser it is ok... but when the task runs, it > apear in the screen that the script produced no output... So i have to > reload it... is there a way to avoid it??? > > Thanks in advance, > Wagner > Could you include some source code, so someone can try to figure out what you're trying to do. I can't :) -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Readdir
Thanks a lot for Your Help during these months (especially for Your good solutions to my problems). Best wishes for Merry Christmas and Happy New Year !! Bye Angelo -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cgi error - can't figure out
Boex,Matthew W. wrote: > i am getting this error message in my apache error_log when i try to upload > a file... > > CGI.pm: Server closed socket during multipart read (client aborted?) > > i do not abort the upload. i get this error as soon as i hit my "upload" > button. weird, i can upload smaller files no problem. files that are > between 10-40k are no problem. when i upload 100-400k, i get this error > immediately. is this an apache configuration issue? try setting post_max directly to something high: $CGI::POST_MAX=1024 * 1000; # max 1000K posts and see if it still happens. i don't know what the default setting is if it's not specified. ps - i didn't cross-post this response to the mod_perl list - it's a cgi question for sure. -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Perl debugger
Hi everybody! I have a question - what software is the better for debugin perl-scripts to your opinion? I can't find a prog for myself, so ... -- Sinsirely, Cyrill S. Polikarpov [EMAIL PROTECTED]
