WishKnew WishKnew - 4 months ago 14
Javascript Question

Preventing Selection / Copy to Clipboard in Firefox

I need to prevent user from selecting text (select all or select a portion of text) in the browser Mozilla Firefox, using java script.
I have done this using Internet Explorer, but it seems doesn't work with Mozilla.

Any hints? URL? Sample?

TIA.

EDIT:

Actually, this ridiculous problem was requested by our client. And yes, we have explained them that there are thousand other ways to get the text. But they answer that they know about that, they just want to prevent for amateur user to do that.

I have done some googling and find similar problem with the solution here.

Answer

There is no way to fully protect content you publish, short of DRM schemes which are not widespread enough to be useful for a website. But to prevent simple copy-and-paste there are several approaches, each of which is very annoying to your users.

A simple way would be to cover the text with another element, such as a DIV, using CSS positioning. This would mean that when the user tries to click on the DIV to select the text there would be no text to select. Should work in any browser that supports CSS and in browsers that don't it will probably be completely invisible. Clicking on the page and hitting CTRL+A (or some other shortcut key) may select the text anyway, and it may be impossible to block all key and mouse events that can get at the text. But this DIV "lid" approach is at least unobtrusive and easy to generalize. However, this is trivially defeated by looking at the HTML source. It is less trivially defeated by turning off CSS (easy to do in Firefox, and many Firefox users are sophisticated enough to do it).

A more robust approach would be to render the text as a graphic, either using a regular image file or something like a PDF. However graphics can be OCR'ed. There are free tools for this.

Finally you could put your text in a Flash or Java applet, which would download the text from the server. Someone could steal your applet but would have difficulty making it talk to your webserver due to the same-origin security policy (note: this can also be worked around). This approach is not that much better than the PDF approach except that it makes it harder to grab entire documents, because the applet will only display a portion of the document at a time. To defeat this using OCR the attacker has to take screen-captures. Or they could reverse-engineer your applet and make a new applet (or even a regular program) which downloads all the content from your server.

All those approaches are only of the most basic use and I suspect you'll find that they don't help at all. You'd probably get more return on investment building useful features rather than this.

Comments