Member Avatar for vedmack

Hi
I built a html page with a single button which suppose to open new window which shows XML file...

I want to disable right click mouse in the "new window" which is being opened after button hit...

I do know how to disable the right click inside an ordinary html page : "<body oncontextmenu="return false;">"

but how can i do it in the new opened window... i tryed several ways but without luck
:/

here is the code:

<html>
<body oncontextmenu="return false;">
<script language="javascript" type="text/javascript">
    function showExternalXml(){
        w=800
        h=800

        l=200
        t=200
		globalHTML="<html><head><title>name.xml</title></head><frameset rows='100%'><frame src='c:\\dir\\name.xml'></frame></frameset></html>";
		window.open("javascript:opener.globalHTML",'HeavyXml',',resizable=1,width='+w+',height='+h+',left='+l+',top='+t+'');
	}
</script>
 <table border="1" style="cursor: pointer ">
      <tr>
          <td bgcolor=#CCCCCC>
              <input type="button" value="Display Xml" onclick="showExternalXml() "style="cursor: pointer "> </input>
          </td>
      </tr>
  </table>
</body>
</html>

Thanks ahead.

Daniel.

  • 6 Contributors
  • 11 Replies
  • 800 Views
  • 10 Months Discussion Span
  • Latest Post Latest Post by HTMLExpert

Recommended Answers

All 11 Replies

Member Avatar for ~s.o.s~

AFAIK, the oncontextmenu is not supported across all browsers. But still if you want that kind of functionality, create a new HTML page which would be popped to the user when he clicks on the link. Inside that page instead of loading the XML document in a frame, load it in an iframe . That way you can have a body element inside your newly created page which can have the attribute oncontextmenu set as false .

Member Avatar for MidiMagic

Stop trying to take over the user's computer.

It belongs to that user, NOT TO YOU!

If you want to protect your pages from things the user can do, then DON'T PUBLISH THEM ON THE INTERNET!

Member Avatar for vedmack

Stop trying to take over the user's computer.

It belongs to that user, NOT TO YOU!

If you want to protect your pages from things the user can do, then DON'T PUBLISH THEM ON THE INTERNET!

Listen...

All I want to do it to prevent the user from accessing to the source of an XML files I'm showing to the user... I don't want to revile the user the info of where the xml is locked on the network... (view source on xml opens it in notepad which by clicking "save as" gives the full path of the xml file to the user...)

thats all....

Relax... its all gonna be alright....

Member Avatar for vedmack

AFAIK, the oncontextmenu is not supported across all browsers. But still if you want that kind of functionality, create a new HTML page which would be popped to the user when he clicks on the link. Inside that page instead of loading the XML document in a frame, load it in an iframe . That way you can have a body element inside your newly created page which can have the attribute oncontextmenu set as false .

I tried ~s.o.s~ suggest...

Here:

<html>
<body oncontextmenu="return false;">
    <iframe src='c:\name.xml'>
        
    </iframe>
</body>
</html>

but the no right click does not affect the iframe... I still can press right click inside the iframe...

any other ideas?

Member Avatar for MidiMagic

That's because the right click is part of windows, not your web page.

You don't have the right to prevent it. It belongs to the owner of the computer.

What could possibly be in the XML content of a file that you want to hide?

If you are afraid that someone will steal a programming technique you devised, then put a notice in that programming.

If the user is viewing the rendered file, the file is on the user's computer disk already. He can get it with My Computer using the start button, and you can't do anything to prevent that.

Member Avatar for vedmack

That's because the right click is part of windows, not your web page.

You don't have the right to prevent it. It belongs to the owner of the computer.

What could possibly be in the XML content of a file that you want to hide?

If you are afraid that someone will steal a programming technique you devised, then put a notice in that programming.

If the user is viewing the rendered file, the file is on the user's computer disk already. He can get it with My Computer using the start button, and you can't do anything to prevent that.

Listen...its a web application that im doing... not some "fun portal"....so no users will be ticked....

All i wanna do is somehow hide the full path of the presented xml that are actually stored on some network drive...

Any ideas ono how to do it?

Member Avatar for plazmo

I tried ~s.o.s~ suggest...

<html>
<body oncontextmenu="return false;">
    <iframe src='c:\name.xml'>
        
    </iframe>
</body>
</html>

First off you cannot link to c:\
Unless name.xml is on every users computer nothing will show there.

Saving the file does not reveal the files location, its probably just that you have the src wrong.

Lastly, its not possible to completely block the rightclick.

Member Avatar for vedmack

First off you cannot link to c:\
Unless name.xml is on every users computer nothing will show there.

Saving the file does not reveal the files location, its probably just that you have the src wrong.

Lastly, its not possible to completely block the rightclick.

1) actually its on a network drive.... (c: was just an example)

2)when file is being viewed with internet explorer it is possible to right click and choose "view source" on xml which opens it in notepad and by by clicking "file->save as" gives the full path of the xml file to the user...(z:\foldername\name.xml) <-- i wanna hide this path...

3)its an webapplication.. not some simple website...

Member Avatar for ~s.o.s~

The best, safest and the most appropriate solution in this case would be to implement the functionality in the server side language of your choice.

Member Avatar for MattEvans

You can't stop the right click action in a plain XML file. On some browsers, you can prevent the right click action in an HTML file, because an HTML file is allowed to run javascript, which is allowed to intercept the right click ( as you've surely discovered ). If you're displaying plain XML, you can't usually run javascript in the same frame.

However, if you don't mind learning XSLT, you can add a client-side XSL transform directive to the plain XML file, and have the transformation add javascript and alternate HTML rendering to the plain XML. In that way, you can get Javascript in the same frame as the XML. So in a given browser ( one that supports oncontextmenu ), you can stop the user getting a right-click menu in an XML file; if you don't mind learning/doing what I just suggested. ( Not all browsers support client side XSL, although IE6+ and Firefox 2+ certainly do ). Depending on how you want the XML displayed, that may not be appropriate.

You can't stop View Source, regardless! Even if you hide the toolbar of a frame using a popup/inner frame and successfully manage to disable right-click, there could be a hotkey bound to View Source, and blocking right-click only ever works with JS enabled, and on certain browsers. ( The Opera browser for e.g. makes it very easy to selectively ignore one page's Javascript temporarily, so it's not like a user has to go to any trouble to contravene any measure you may put in-place ).

The goodness of your intentions is wholly irrelevant, as is the class of your application. You're working with browsers, and browers quite reasonably limit what you're allowed to do through them.

Member Avatar for HTMLExpert

Here ya go -- I selftought myself HTML -- :)

<script language=JavaScript>
<!--

 var message=" 'YOUR SITE NAME' SAYS: SORRY YOU ARE NOT ALLOWED TO ACCESS ANY OPTIONS ON 'YOUR SITE NAME' .   "
 function click(z) {
  if (document.all) {
   if (event.button == 2) {
    alert(message);
    return false;
   }
  }
  if (document.layers) {
   if (z.which == 3) {
    alert(message);
    return false;
   }
  }
 }
 if (document.layers) {
  document.captureEvents(Event.MOUSEDOWN);
 }
 document.onmousedown=click;
// --> 
</script>
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.