As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
Is there a free open source software for protecting HTML from "select all", "copy" and "save as".
No. Neither is there non-free nor non-open source software to do it in a reasonable way.
There are a couple of tricks you could try (generating all the content via obfuscated JS, checking the URI with JS, and so on), but they are easily bypassed and have unpleasant side effects (not least of which is making it impossible for search engines to index the content).
As David Dorward said, you effectively cannot do this, but there are a few approaches you can take as long as you're willing to abandon pure HTML. All are ugly and I do not advocate their use for a multitude of reasons. Most of those reasons should be pretty obvious.
I mention them only because I have been in situations where I have been required to do this by the business requirements of a customer. I could either lose the customer or figure out a way. Since most business folks aren't software purists, they simply didn't care how it was done. If you're in this situation, I sympathize.
You could generate an image on the server side and display the information as an image. This approach was once used by the local sheriff's office, but they eventually went back to HTML since images are costly in terms of server resources and bandwidth. There are many open source ways to generate images.
You could use a technology like Flash or Silverlight to display the information. You would then have much greater programmatic control over disabling the copying of the information. I strongly prefer the HTML/CSS/JS approach to web programming due to its far reach and simplicity, so I don't recommend this approach either. Also, since it isn't open source, it's probably not an option for you.
Good luck.
To put it bluntly there is nothing that will piss me off faster about a web site than the developer trying to take control of what I can do with my browser. I'm not alone in this regard so do realize that many people will eventually just say to he'll with the web site and whatever business it is trying to support.
The simple way to deal with this is to simply avoid showing the nonsubscriber the data in question. Rather feed the nonsubscriber dummy info or good info that gas critical parts obscured. What you don't want to do is to screw around with code that hamstings somebodies browser or worst makes that browser unstable.
Basically it comes down to this do not cause harm and do not impact normal operation of a browser. There are perfectly sane ways to show a nonsubscriber what he might get if he where a subscriber with out risking vast amounts of content.
Dave
This is absolutely no way to achieve your underlying aim, which is (apparently) to stop a non-subscriber copying or saving data. If a user can see the data, then they can copy it. End of story.
They can take a screenshot and use OCR. They can always get out a pad of paper and a pencil and copy it down. This might seem like a lot of effort, but you have to ask yourself: is it worth the effort to evade what you're charging for subscription?
The best advice is to find another way to do business.
If you allow something to be readable by users on the web, it will be possible to copy.
One can always take screenshots or simply write the text again while looking at the original.
Related
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
Besides the new Google Docs, all the other WYSIWYG web-based rich text editors (ckeditor, tinymce, old Google Docs) I've seen are based on contenteditable or designMode. I personally hate using these editors. It doesn't take much formatting or copying/pasting before the whole experience turns into an exercise in frustration. Returns suddenly start getting double-spaced, unintended formatting gets introduced via pasting from other HTML sources, undo's/redo's are completely broken, formatting becomes excruciatingly difficult to control, etc.
I believe this is one of the reasons Google Docs introduced its own much more constrained, non-HTML formatting engine. Is there any open-source library out there that provides something similar? Thanks in advance.
You could start with the Ace editor (formerly Bespin and Skywriter). It's aimed at code editing, so it's missing formatting and other features, but you may find a useful core of functionality to base a rich text editor on.
In action: http://ajaxorg.github.com/ace/build/editor.html
Code: https://github.com/ajaxorg/ace
Update: As #theazureshadow points out, the current editor doesn't use canvas as I originally reported. Bespin used canvas before it merged with Ace, which uses the DOM. Peeking briefly under the hood, it doesn't appear they are using contentEditable or designMode, though. (There's a <textarea /> that follows the cursor around and spans and divs to show the text - a bunch of custom JS to wire it all together, methinks.)
From ace.ajax.org > History:
Bespin started as part of Mozilla Labs and was based on the
<canvas> tag, while Ace is the Editor component of the Cloud9 IDE
and is using the DOM for rendering.
You're right: it's much nicer.
Is there an open-source library out there that provides [a document editor that doesn’t use the browser to handle editable text, instead using a custom editing surface and layout engine, entirely in JavaScript].
Doubtful.
First, the editor is dubbed "Kix". It's not non-HTML, but it doesn't use contentEditable because it sucks for what they're doing, as you mention. What it does is tricky and bulky to do right, and I'm sure it took them a good bit of effort to create it.
That said, why would Google open source Kix? It undermines their effort to be your documents hub, and it would mean they have to do a bunch of additional work to separate Kix from the rest of Google Docs in a way that doesn't leave it difficult to integrate. The benefit? Not much, seeing as though open source projects sponsored by Google are unlikely to see support in the form of developer-participation in improving it.
As for someone creating a library to do it, I'm doubtful it'll happen in open source. Usually open source projects that are a significant undertaking are university or company sponsored, and that's not likely in this case for the reasons above. Then again, if a developer has an itch for it, there's no telling where it could go…
There's HTE, unfortunately it is slow and misses a lot of basic selection functionality.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I'm talking about these.
Yeah, I know they are intended to show that the page conforms to the standards and should link to page revalidation service. Ok. But why should I as a regular user bother with this? As a visitor I'm indifferent to whether the page is strict XHTML or not, whether it contains dirty IE hacks or not. It is important that a page renders correctly, is convenient and works fast. That's all! And in reality, in many cases these requirements don't get along with W3C standards smoothly.
So what is the mania to add something targeted toward developers to a product face? Am I missing a point?
It's not a selling point like the "Be Safe With " type tags.
Including the w3c badges are a way to show that you know that there are standards that should be followed for web page construction. It's a way of showing that you want to be courteous to all users no matter the browser and to help promote the idea that browsers should implement, at least, the standards.
It's also a way to educate your readers. Not everyone knows that these standards exist or why they exist. Educating your readers will hopefully empower them to find a browser that fits their browsing expectations and to raise those expectations above "show me some images from 4chan."
Though, at the end of the day, it usually turns out to be another way to put things on a website because you lack the artistic savvy to make things look good without putting 'stickers' all over something.
It´s weird but virtual medals do work. It´s no coincidence that SO has rep and badges.
There are plenty of sites with important text that is missed by my browser because I don't use the browser that the author of the page used. If I see one of these badges then I can be confident that all of the page is rendered.
It is important that a page renders correctly, is convenient and works fast. Thats all! And in reality, in many cases these requirements don't get along with W3C standards smoothly.
You don't think these are conflicting ?
I would take the validated page over the "with hacks for every browser" page any day.
It matters to no one, including potential employers and other developers and especially not to users. I've seen pages that do NOT validate despite the badges, and valid markup only means the syntax is correct but does not mean it's well designed, laid out, formatted, well thought out, flexible, usable, or of any interest to anyone else. I'll look at the markup to see what the author has done and that is what counts.
It's just a way to show your technically competent users that you are technically competent. They have no other reason to be. I try to validate always, but never put them. If I had a blog, I might put them in the about section.
It's just bragging rights. Same as any badge/award implementation. Sure, it doesn't really matter to 99% of your visitors, but it might matter to you, the developer.
You do not need the badges. When they are present however, they indicate for you that all modern browsers will render the page [almost] identically.
An example: they give the user a confidence that when he goes back home (at office he is forced to use Mac OS X, but has Windows at home), the page will still display properly for him. Nothing critical, but sometimes really important to know.
As a visitor I'm indifferent to whether the page is strict XHTML or not, whether it contains dirty IE hacks or not.
Well, if you are using Safari and the site only works with IE because of "dirty IE hacks" then for you, the site is broken and useless. Likewise, if you are an IE user, and the site is full of "dirty Firefox hacks" then the site will be broken for you as well.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I was talking with a colleague about a problem we were having and he suggested that one possible solution was to use an IFrame.
I haven't needed to use an IFrame for he last 5 years and I've done full time web application development, but it made me wonder if the concept of the IFrame and Framesets is something that is supported by browsers for backwards compatibility but really shouldn't be actively used in development any more?
it's one of the major application integration methods for facebook and myspace. and most wysiwyg html editors rely on iframe. thickbox uses iframe. drupal uses iframes. and on and on... so not sure if it's so very simple to just call iframe obsolete. i imagine it'll be actively used for a good long while still...
It's the fastest and easiest way to get any of a number of google services into a web page, where the fuller control of the API integration is not needed.
Like anything else, it is situational. It's far from dead, and there's no reason it should be dead. The web's moving to looser coupling, and IFrame is in line with that.
At best the IFrame isn't ideal for rendering local content, but, like others have said, it is the only way to get external web-content into an application without an API and for that reason it is very important to modern web-development.
No, it shouldn't.
It's a cheap standard way to integrate functionality in a single page. Also allows some useful techniques such as COMET
Not sure if it should be dead. For one of the application I worked on for the manufacturing industry, they wanted multiple tabs to be able to run multiple programs on the same page. Knowing using just regular divs using Ajax would just be a little too much for this intensive app, we used iframes. Of course, it doesn't look like iframes to the end user (using some creative Javascripting and CSS), it looks like just a regular tabbed program.
So, saying it's dead is probably a little too soon unless there are better alternatives.
It's extensively used in ad tracking and conversion tracking; it's one of the easiest ways to put a beacon into a site unobtrusively.
I think that iFrames are not dead yet, they can be used for a lot of things and though they slow the loading speed of a website (with a few miliseconds, depends on the content).
iFrames maybe, Framesets NO. this is what i think. some things can be done only with iframes believe me i searched for another solution for a long time but for eg. a jscript can be used 2 or more times with iframes but when used on a single page it may cause conflicts and sometimes only the first thing that was using the javascript is working.
so sometimes iFrames are the right way to do it, if you can`t do it any other way.
No, its commonly used in junction with AJAX.
For example, on a page where you have ongoing AJAX requests you can't disrupt the response by closing it etc. BUT, you may need to provide a file download on the same page which would normally disrupt the AJAX request. To avoid the conflict, you serve the file download through an IFrame so that the AJAX on the host page isn't disrupted.
That's at least one use case for it =)
Iframes are not dead. They are the only method of fighting several extremely annoying bugs in MSIE (such as div overlapping a <select>), and are widely used in banner exchange networks.
If you consider the fundamental building blocks of the web you will realise that the iframe should never be removed. I have the feeling that many web developers do not properly understand the concepts of data centric systems and prefer to work in a procedural, top-down, application centric manner. There are many things done with async HTTP requests and Javascript that should simply use an iframe.
There are two fundamental concepts when it comes to linking content in a data centric world like the web - cross referencing and embedding. Hyperlinks are used to cross reference data while iframes are used to embed data. URLs are used to reference data in both cases.
A simple example is linking to an image. Cross referencing an image would be done as follows:
Link to the image
While embedding an image would be achieved as follows:
<iframe src="someImageURL" />
Of course you could use the "img" element to embed an image instead, but that is specific to images... I vote that the "img" element be removed in favor of using the more generic and flexible iframe.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I think most template engines are hard to use for designers and front end developers leaving you, the programmer with the burden of maintaining them.
And frequently updating the templates after the designer updates the html mockup is a nightmare because your templates are no longer compatible with the original htmls.
I had this problem for very long time, recently I had an idea, but I don't know if I'm not reinventing something or if something better exists.
So, I'm asking if you found better solutions for this problem and if so which one?
Since I've switched to full separation of content from presentation, I've never looked back, and here's why:
Your business logic becomes very clear. Without HTML tags and presentation logic mixed in, the code takes ½ the space and less than ½ the time to maintain. The burden of maintaining the link between code and presentation can be mitigated by specifying a formal interface between the two, even as a text file or a Wiki note, listing all the variables and values presented to/required by the presentation layer.
Frequently updating the templates from designer's changes means that your presentation layer should be sub-divided to various "blocks", such as menu block, page layout block, and content block. On most pages, only the content block is different. When properly divided and implemented using CSS and other modern web techniques, reasonable changes in design will have minimal impact on your presentation code.
CMSes automate this process even further, and are now at the point where even 5-10 page sites can benefit from using a CMS vs. hand-coded HTML from both consistency and ease of support perspectives.
Code security - Smarty is not PHP, so your designers can have a lower level of trust on the site (they can't mess with the underpinnings too much, although they can mangle the presentation to the same effect as a DoS would have, so don't mess with them anyway); if you don't care about security that much, PHPTal and others run almost at "native" speed.
As for my working solutions, I have two recommendations:
Develop a projectwide folder structure and naming convention, and stick to it. Given a name of your business logic file, I should be able to tell you what the presentation files are, and vice versa.
Have an explicit interface spec (again, a text file or a Wiki entry is all you really need) between business logic and presentation. Knowing which vars are available, and how they should be (programmer) / are (designer) formatted, makes both of them very happy when they have to maintain the page a year later.
Yes, but only if they are as close to Native HTML as possible.
Dreamweaver templates (ignoring the editor) basically accomplish this pretty well since they basically markup a plain old HTML (POH™) page with some HTML Comments.
I personally like how some CMS solutions enable me to break my templates into very small pieces. SiteCore does this well through placeholders and renderings which map to usercontrols.
I've also used UserControls heavily in the past to break out common functionality like login, menu, footer links, etc to make it easier to modify or replace functionality in the future. (ASP.NET)
What template-engines are you using? Something like Smarty for PHP?
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I am looking for a text editor to be used in a web page. Where users can format the text and get a WYSIWYG experience. Doesn't need to be too fancy. But has to be easy to use and integrate into the page. Has to generate HTML as output. Support AJAX (one I checked works only with standard form submit) and has to be small in terms of download to the user's browser.
Well it depends what platform you are on if you are looking for server-side functionality as well, but the defacto badass WYSIWYg in my opinion is FCKeditor. I have worked with this personally in numerous environments (both professional and hobby level) and have always been impressed.
It's certainly worth a look. I believe it is employed by open source projects such as SubText as well. Perhaps, Jon Galloway can add to this if he reads this question. Or Phil if he is currently a user.
TinyMCE is the simplest I've found to use. I've never used it in an AJAX-enabled application, but there are instructions on how to do so on the project's wiki.
Try FCKeditor. It supports integration with most popular platforms, and it's fairly lightweight.
You might also want to look at YUI's Rich Text Editor.
If you're starting your site from scratch or haven't invested a lot of effort into another JavaScript platform, Yahoo User Interface (YUI) is a very complete JavaScript library that could help you add other AJAX elements beyond a text editor.
I just did a full day of evaluation of all the ones mentioned so far (and then some), and the one I liked the best is Obout Editor. I think it might be for ASP.NET only, so it might not work for you, but if you are using .NET, it's great. The HTML output is clean and nicely styled, and the rendered output looks the same in the editor as it does when you output it to the page (something I had trouble with when using the others due to doctype settings in the editor). It costs a few bucks, but it was worth it for us.
I found TinyMCE pretty easy to implement. And it's light on bandwidth usage too.
Using fck for some tine now, after "free text box", or something like that. Had problems only once, when I put fck inside asp.net ajax updatepanel, but found fix on forums. Problem was solved in next release.
I would like to see some nice photo browser in it, because fck comes only with simple browser that displays filename, no thumbs. The other one, that has thumbs costs bunch of money.
Didn't try it with asp.net mvc, don't know how will uploading work. It uses one ascx for wrapping js functionality.
i started out using free text box when i was doing a lot of asp.net programming, but now that most of what i do is php i've moved to the FCK editor.
while the change wasn't necessarily prompted by the language, i feel that the fck editor is a better choice because of it's versatility.
For something minimalist, take a look at Widg Editor, it's truly tiny and very simple. It's only haphazardly supported as a hobby project though.
I'm currently using the RTE component of DynarchLib, which is highly customisable - definitely does AJAX - but a bit complicated and not very pretty. It is actively supported, and you can get answers on their forum very quickly.
I previously tried Dojo's editor, and found it broken and badly undocumented. YMMV.
Edit: In response to other people's answers, I've now tried TinyMCE and found it to be excellent. More easily configurable and far fewer problems than anything else I've tried. Use TinyMCE!