HighlyIntoxicated

One of the functions on my site relies on javascript, and people have been getting around it, by disabling js.

Is there any way to block users from my site/redirect them to a page, if they have javascript disabled?

seeandsee

yes there is, i dont know how, but i saw content lockers have protection against it so there is some working solution

__________________
BUY MY SIG - 50$/Year

Contact here

HighlyIntoxicated

I've seen something similar with a content locker, except it blocked users access to the site if they had adblock enabled.

Both of these features would be awesome if anyone knows where I could find em.

rowan

Can you explain the particular functionality on your site in more detail? Does it involve fetching something from the server? If so, you could do that through j/s.

Another option would be to redirect to the content/function via j/s, and use <noscript>sorry, you need j/s enabled</noscript> kinda thing.

Both could be worked around by someone viewing the source, unless your j/s does some tricky obfuscated calculations to come up with a valid key that your server is expecting...

HighlyIntoxicated

My site isnt doing anything too complicated. I am using a content locker which relies on javascript, if users disable js they are able to get to the content, which is what im trying to fix.

prezzz

I found this solution on StackOverflow a while ago while I was searching for something completely unrelated.

Whenever a user has Javascript disabled, the <noscript> tags come into play. Among other things, you can put some CSS code within those tags and it'll be fully processed. In this case, you could wrap your entire site into a specific <div> like this:

<div id="sitewrapper">
...your site content...
</div>

and then activate a special CSS definition for those that have Javascript disabled:

<noscript>
<style type="text/css">#sitewrapper {display: none;}</style>
</noscript>

__________________

TripleXPrint

This will work only if you're using it to "hide" the content, not block access.

__________________
Skype: Triplexprint

Varius

You should not be relying on client-side code to protect your content/control access

If you really want to, you can look into javascript and/or html obfuscation, but know all of them are breakable fairly easily and may cause some browser trouble.

If you just want a solution that works against the "average" surfer, make an Ajax call via jQuery which then outputs the HTML needed to show the content; in other words, don't have it embedded in your HTML source.

__________________
Skype variuscr - Email varius AT gmail

Tempest

Difficult to do... Could have some PHP on every page that checks a block IP list... Using the noscript tags, you could call an iframe that adds the IP to the list or maybe set something in a session.. The PHP would have to clear out old IPs/session every so often as well. The check might have to be in an iframe after the noscript one so that the IP/session gets recorded first. Just off the top of my head, something like that.

But yeah, the content protection should default to NO ACCESS unless they have javascript enabled.

DangerX !!!

You can only block users with very little computer knowledge in this way, every more advanced user will pass this blockade in a matter of minutes.

__________________
This is sig area!

HighlyIntoxicated

Thanks for the information.

At the moment the content locker is doing a fairly good job, with only a few people getting around it, perhaps i'll just ride it out.

camperjohn64

You can ONLY deliver this page:

<html>
<script>
document.location = "realpage.html";
</script>
You must enable javascript to see this
</html>

If the person doesn't have javascript active, it never gets to realpage.html

__________________
www.gimmiegirlproductions.com

camperjohn64

If you wanted to get fancy, you could obfuscate the javascript target to go to index.php?page=fbdbe7277d7a77&md5=abb5b2bfbdbe7277 d7a77f7e.php and that page could then do an MD5 checksum on the md5 to confirm it's a valid target page.

This would make the hardest of hackers give up and just turn on javascript.

__________________
www.gimmiegirlproductions.com

InfoGuy

Access to your content may not be the primary motive of everyone that blocks scripts. Have you considered the possibility that some surfers block scripts by default to protect themselves from malware?

__________________
Support American Heroes | How Bad is My Batch? | Vaccine Deaths & Adverse Reactions | Free Speech Coalition | <WARNING> ePayService / Guerra Capital, INC / MTACC payments | Flirt4Free Fucks their Affiliates | Don't do business with piece of shit Andy Alvarez from Webmaster Central / VR3000, who said:
"If it was up to me, they would have shot all 30,000 of those country loving shitheads"

HighlyIntoxicated

I am aware there are legitimate reasons to block scripts, however I know for certain people are turning off js to get around my content locker, as i have seen it discussed on forums.

u-Bob

1. Client side 'protection' can always be circumvented.
2.
using Javascript print an <img src="/somephp.php">

have somephp.php set a cookie.

have your other pages check if the user came from your site (referrer) and if they have the cookie that is set by somephp.php. If they don't have the cookie, they are probably blocking js.

SmokeyTheBear

i dont get why you dont use css to hide the content.. explain what you are trying to protect ?

__________________
hatisblack at yahoo.com

redwhiteandblue

That'll work right up until they view the source and type "realpage.html" into their browser.

__________________
Interserver unmanaged AMD Ryzen servers from $73.00

cam_girls

Really basic method if you have a page where they come from, use onclick on the button.

fris

bad advice homie

iamtam

on their first page, use javascript to write a cookie. as they hit enter, read the cookie with php on the inside page. if there is no cookie set, redirect them back to the front page. if they have java turned off, there will never be a cookie, so java is likely disabled.