MadCap Software Forums

Hi everyone
We're about to move from CHM targets to WebHelp. The only concern we have is that we're now risking users editing the HTML files.
One suggstion has been to use 'junk' filenames so that it will be more difficult for users to identify what they are tempted to edit.
For this to work I'd need to work using the titles instead of the meaningless filenames. Can I set up the Content Explorer to show the titles and not the filename?
Is there a better solution to this problem?
I'd be grateful for any suggestions you may have.
Many thanks
Take care.

Suze

Do you really think that's much of an issue? In order to be able to edit the files, they'd need to know where they're stored (which, granted, wouldn't be hard to do), but they'd also need to know XHTML. Are your end-users someone who might know XHTML?

Either way, the help file is copyrighted material, so modifying the files violates copyright laws. You can also add text to your license agreement stating that modifying the help files is not allowed, could void the license, or whatever else you want to say.

Hi Lisa
I agree with you and have made those points to our regulatory folks. However, I've been asked to do what I can.
I believe that we need do what we can to ensure that anyone who attempts to change or delete a file knows that they really shouldn't be messing around in that folder. Anything that keeps the user away from the files is good. Giving the files scary filenames was one suggestion.
It would be great if I had a cunning plan for this.
Thanks folks

Suze

You could try having your installer make the files read-only. That way at least the person has to explicitly change it's properties before saving.

Another option you could look into is using AIR instead of plain webhelp. That will compile everything into one file for you, so they would need to decompile it in order to make changes. The one major caveat, though, is that last I heard we can't make AIR help context sensitive at this time.

Hi Kevin
Read-only sounds a good idea.
We need CSH though, so AIR is out.
We're meeting on Thursday to discuss this, so I'll take the ideas with me and we'll see how we get on.
Many thanks

Suze

Well, is there a dire need to get off CHM? That is much more difficult to alter than a plain XHTML file. If obfuscating the files is such a top priority I'd go back to CHM or only serve WebHelp via internet, for which they'd need to hack the web server first to get to the files.
In my experience such drastic measures are typically not needed and often enough easy to circumvent. One other option would be to obfuscate the files and use a local server that has special code in a DLL that will read the obfuscated files and serve up clean files. That still allows the users to break the files and make things to stop working.

I'm assuming you are worried about internal users editing your source files - once you put stuff 'out there' you have no control, anyone can right click in their browser and view source to copy the HTML and recreate their own version of the files.

If it is internal security, can you create a new user group for your server and just add the people who need to access the files to that group?

HTH

Hi,

One thing I have done (and I found out about it on these forums sometime way back when), was to include a js file that disables the RHM click, and displays a message box stating that the RHM is disabled.

This should prevent the users from being able to view the source files. The script was titled 'RightClickPrevent', and once it was inserted into my master page and compiled, the RHM is no longer available.
The script in the file is as follows:
Regards

Adrian

Does a mouse have different buttons for the left hand? I thought this always called RMB. ***end of wise remark

RamonS,

Just to confuse the issue for you.....

I am actually left handed, and operate the mouse with my left hand, but leave the buttons configured to their default settings (i.e. for a Right Handed operator).

Oh well, back to work......

Adrian

RamonS wrote:Does a mouse have different buttons for the left hand?

Of course not: the buttons are for your fingers

Adrian Durand wrote:This should prevent the users from being able to view the source files.

That code will prevent them from viewing the source in the Flare (and being able to print from the right-click menu), but you can't edit page code from that view anyway. Your code won't stop them from going to where the help is stored on the computers and manually modifying those files, which is what the original poster is worried about.

Hi everyone
Sorry for not posting for a few days; I've been away from my desk.
I'll forward Adrian's suggestion to our software team. Thanks Adrian, that sounds really interesting.
Thanks again everyone.
Have a great weekend.

Suze