Obfuscate Web Page

Is it no way to obfuscate a web page? Is it because browser (and human?) have to interpret the HTML code so everyone can view the source and/or download the files (in)directly?

[Forget the Pre-compilation feature of the ASP.NET v2.0 first] I came across with an interesting tool today - ASPBodyGuard.NET, I tried their demo and it's very interesting! I can't right-click and save an image file, and I also don't understand the HTML source code from my browser directly too. The quick fact of this tool states that encryption and encoding were used to obfuscate a web page by using this tool and the algorithm is quite straighforward... but I have no clue about how can they do that (Please let me know if you know their secret :)

For me, read the source code or obfuscate a web page is not a big deal. Actually I don't mind visitors view my rendered code (but I do understand the importance of JavaScript code and/or image file for control developers or graphic designers). Anyway, my concern is the “performance“ as a whole, maybe the overall page size, overhead, user-friendliness, bandwidth... for my users. :)

Colt Kwong

Published Monday, May 31, 2004 11:10 PM by Colt
Filed under:

Comments

# Encrypting Web Pages

Sunday, May 30, 2004 11:22 PM by TrackBack

# Encrypting Web Pages

Monday, May 31, 2004 2:54 AM by TrackBack

# re: Obfuscate Web Page

Colt the trick is in the Javascript eval which surely contain the code to decrypt the page.
Anyway you can still save the page to get the images.
I will not like to use this for many reasons, performance, browsers compatibility and ... education! In my view HTML should be an open source code and only the business tier (which should be server side) could be proprietary. Well if the last is server side it's not really a problem. I notice also that IE rendering of the page is not perfect, crashing quite often with the sample.

Monday, May 31, 2004 10:32 AM by Paschal

# re: Obfuscate Web Page

...not to mention that none of the sites works with my browser (FireFox)...

Monday, May 31, 2004 10:52 AM by WrongFox

# re: Obfuscate Web Page

Another thing is that if you copy the demo link and try to navigate using seperate browser, it does not work. It gives javascript error.

Monday, May 31, 2004 11:16 AM by HTML Lover

# re: Obfuscate Web Page

Did you notice that their website does not use their own product?

They also have pages with huge viewstate, when viewstate isn't needed on that page.

Makes you wonder how much they are really expers in ASP.NET

Monday, May 31, 2004 2:09 PM by David Crowell

# re: Obfuscate Web Page

Silly Rabit, Tricks are For Kids!

Sorry Colt but it's true.... lots of tricks out there that in the end don't help us a darn bit.

Monday, May 31, 2004 4:13 PM by denny

# re: Obfuscate Web Page

http://www.intesoft.co.uk/portalcs/ASPBodyGuard/ASPBodyGuard/d4abc203-d1cd-4551-b70c-419dc3c20e83.ashx

"// TODO: remove all comments and compact, obfuscate variable names, optimise as much as pos"

Very nice :-)

This is also good:

function _xbcdcbfbdec(flags,content) {
var key = "THNYyxYieA0=", iv = "LGiVqJBVtfM=";
// ...
document.write(ASPBodyGuard.Des(content,1,key,iv));

*gasp*

Monday, May 31, 2004 7:02 PM by Alf

Leave a Comment

(required) 
(required) 
(optional)
(required)