This is my directory look like:
Content in index.html:
<html>
<body>
<script src="data.js" />
</body>
</html>
My problem is:
I don't want user to see my data.js by direct link like www.sample.com/data.js
But data.js still allow access from index.html
I tried in .htaccess like:
deny from all
or
RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?localhost.*$ [NC]
RewriteRule \.(gif|jpg|css|js|png)$ - [F]
But it alway block access from index.html too.
Thanks.
My tips are easily bypassed, but without be careful, we can be trapped.
You can replace or remove script tag with javascript for hide this in live view of the page. But if you watch directly the network, you can see easily the javascript file/code.
<div id="RemoveMe0">
<script type="text/javascript">
//This code it is hidden to live view.
var my_var = 5 + 5;
$('#RemoveMe0').remove();
//or document.getElementById("RemoveMe0").innerHTML = "";
</script>
</div>
For include javascript :
<div id="RemoveMe1">
<script type="text/javascript" src="Javascript/MyJS.js"></script>
<script>
//Your include it is hidden to live view.
$('#RemoveMe1').remove();
</script>
</div>
Put your files in an HTML file (myfile.js to myfile.html), like this on a direct view you can execute a javascript function.
function Hello() {
alert("Hello");
}
Hello();
//<script>document.body.innerHTML = "";</script>
Or if you don't want to rename your file, you can to use .htaccess file to modify file header.
AddType text/html .js
You can use tool like this :