I am learning html5/css3/javascript.

But I have found that the samples on the web disclose their source codes.

Does this mean html5/javascript can not protect source codes?

Wele any ments.

I am learning html5/css3/javascript.

But I have found that the samples on the web disclose their source codes.

Does this mean html5/javascript can not protect source codes?

Wele any ments.

• javascript
• css
• html
• client-side

Share Improve this question Follow edited May 27, 2011 at 2:46 Sparky 98.8k2626 gold badges202202 silver badges290290 bronze badges asked May 27, 2011 at 2:35 monsabremonsabre 2,09933 gold badges2929 silver badges4848 bronze badges 1

• 5 That's really no different than it's always been. – Sparky Commented May 27, 2011 at 2:38

Add a ment  | 

3 Answers 3

Sorted by: Reset to default 11

All of those (HTML, CSS, JavaScript) work on the client side, always have, they are part of the presentation layer and the web browsers have always been capable of displaying the source code for what's presented to the user.

So no, you can't have closed-source projects that are solely based upon HTML, CSS and/or JavaScript

You can't really protect JavaScript since it has be run by the browser.

There are tools to obfuscate JavaScript but it's trivial to reverse the process.

One of the things that really irritates me about JavaScript is the fact that it is non-piled. One way you can help bat this is by using a minifier before you deploy your source. Here is a good one for CSS and Javascript: http://aspnet.codeplex./releases/view/40584

Another way you can manipulate the Document Object Model (DOM) without using Javascript is the use Silverlight/Flash or a Java/DOM API like: http://www-archive.mozilla/projects/blackwood/dom/

You can also try using an obfuscator but usually minification does a fair job of obfuscation. Please don't rely on JavaScript to enforce secuity for your site since Javascript can be easily hacked. It is okay to use JavaScript to help the user find his/her way, but all client side Javascript validation must be followed up with Server Side validation.