Giving the user no control with JavaScript
// Disable Context Menu
document.oncontextmenu = function () {
return false
};
// Disable dragging of HTML elements
document.ondragstart = function () {
return false
};
// Break out of frames
function bust() {
document.write = "";
window.top.location = window.self.location;
setTimeout(function () {
document.body.innerHTML = ''
}, 0);
window.self.onload = function (evt) {
document.body.innerHTML = ''
}
}
if (window.top !== window.self) {
try {
if (window.top.location.host) {} else {
bust()
}
} catch (ex) {
bust()
}
}
// Annoy user if context menu button presssed
document.onkeydown = function (e) {
if (e.keyCode == 93) {
alert('_')
}
};
// Disable selecting of text
document.onselectstart = function () {
if (event.srcElement.type != "text" && event.srcElement.type != "textarea" && event.srcElement.type != "password") {
return false
} else {
return true
}
};
// Disable Mousedown event, except for text-areas & Inputs where it's needed
document.onmousedown = function (e) {
var obj = e.target;
if (obj.tagName.toUpperCase() == "INPUT" || obj.tagName.toUpperCase() == "TEXTAREA" || obj.tagName.toUpperCase() == "PASSWORD") {
return true
} else {
return false
}
};
// Stop CTRL Key abuse on your page!
window.onkeydown = function (e) {
if (e.ctrlKey == true) {
return false
}
};Written by David Higgins
Related protips
10 Responses
I hope you don't use it in real life :)
Ha ha! Yeah, it's a bit evil :) I just wanted to explore how many ways I could block the user from doing things. There's a GIST here you can fork if you can find anything else to block/disable:
Does blacking out the entire screen count? :)
@davidhiggins This is irrelevant, but do you know why your gist has a red highlight? I mean:
This is the first time I've ever seen a red markdown gist.
@zhimingwang i'm guessing it's detecting that it's the wrong format (file says .md, lexer doesn't agree)
@zaus Hmm, not sure about that. I looked at the source and saw nothing suspicious; I parsed it with a couple of my parsers and saw nothing special either. After all it's as simple as a code block. In fact, yesterday whenever I copy the source as is and publish as a gist, it is highlighted; whenever I make a tiny change to it, including removing one single character or adding a single linefeed, it's normal. Today I can't even reproduce with the original source. Rather intriguing. (Maybe they broke something in the parser, temporarily? This is unlikely, but who knows...)
Effective! But I'm massively against this, would love to see the opposite of this, i.e. 'give user default access'.
Effective! But I'm massively against this, would love to see the opposite of this, i.e. 'give user default access'.
Plain HTML is always accessible, searchable, responsive, etc. :) Well, unless you really screw it up
Found a website using something like this script, you can't imagine how it's frustrating -_- !
Have a fresh tip? Share with Coderwall community!
