Security Corner

Sep 26 2009   2:46AM GMT

Protect HTML Code for Increased Security

Ken Harthun Ken Harthun Profile: Ken Harthun

If the challenges at illustrate one thing, it’s that viewing the source code of web pages can often reveal exploitable vulnerabilities. Beyond that, eCommerce sites often have payment buttons, shopping carts and other means to facilitate transactions. If the code for these things is openly visible when viewing the page’s source, a hacker may be able to inject his own code to divert payments away from the rightful vendor and into the hacker’s account. This is particularly true if the code is straight HTML or raw Javascript rather than scripts hosted on a secure server.

One solution is to encrypt the web page code. A web search will reveal plenty of tools to accomplish this; one that I’ve tried is HTML Encrypt. It’s easy to use, just paste your raw code into the text entry box, click the “Encrypt” button and see your encrypted code in the lower panel.

It’s not a substitute for secure coding, but it can serve as an effective deterrent.

Comments? Go ahead and hit the button.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: