Hello,
I have a possible solution for protecting javascript .js files. For this to
work you need a scripting language on the server. I used PHP.
1. The script.js file is renamed to script.php. Ofcourse all references to
the .js file in all your HTML files will have to be changed in .php too.
2. at the top of the script.php add folowing lines:
<?PHP
$domain = "
http://www.yourdomain.com/"
$pos = strpos($_SERVER['HTTP_REFERER'], $domain);
if($pos === false) {
die();
}
?>
What it does is that the script checks by whom it has been refered. If it
has been refered from an html page on our domain then the
$_SERVER['HTTP_REFERER'] variable would contain our domain ($domain). If a
user viewed our html source he would notice the location of the JS source
with a .php extension. If he would try to enter the url manualy in the
browser the referer wouldn't be from our domain and the script simply dies,
sending no javascript to the client.