I don't know exactly how keepa does it, but using an iframe also doesn't completely prevent someone from snooping the data that has been sent to the browser. Using an iframe doesn't make any difference since the iframe is yet another document and data that is retrieved from the server, and thus available as resources in the browser. It does appear they have some way of detecting whether the browser's debugger is open as well, since I can't snoop just by opening the debugger before loading the page.
Even if the browser prevents access to the resources, a proxy server can be used between the browser and server to watch everything requested and grab everything that is sent through it. Only encryption has a chance of preventing access, if the decryption is done securely in the browser in a way that prevents any snooping via debuggers or other addons. I don't think browsers are up to that level of security yet. On Tue, Mar 7, 2017 at 4:29 AM, Manuel Regidor <[email protected]> wrote: > Thank you very much for your fast reply, Daniel. > I have seen this example, but using another library. > Keepa - https://keepa.com/#!product/9-B00DWRNHFS > They show graphics without source code. It's an iframe. > Do you know how to achieve that behaviour? > > El martes, 7 de marzo de 2017, 2:44:46 (UTC+1), Daniel LaLiberte escribió: >> >> You can make it harder to find the data, but not impossible since the >> data is sent to the browser where the charts are rendered. You could >> actually render charts separately and save static images. They won't be >> interactive, however. >> >> One way to make it harder is to remove the code after you are done >> rendering the chart, especially the code that contains the data. >> >> Another way to make it harder is to fetch the data with a separate XHR >> request. That way it doesn't show up in the source, but it will be visible >> to anyone who can use a debugger. >> >> -- >> Daniel LaLiberte <https://plus.google.com/100631381223468223275?prsrc=2> >> [email protected] 5CC, Cambridge MA >> > -- > You received this message because you are subscribed to the Google Groups > "Google Visualization API" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to google-visualization-api@ > googlegroups.com. > Visit this group at https://groups.google.com/ > group/google-visualization-api. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/google-visualization-api/7f2a2a33-720c-44fc-9584- > 4a4c4f6ec2d6%40googlegroups.com > <https://groups.google.com/d/msgid/google-visualization-api/7f2a2a33-720c-44fc-9584-4a4c4f6ec2d6%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- Daniel LaLiberte <https://plus.google.com/100631381223468223275?prsrc=2> [email protected] <[email protected]> 5CC, Cambridge MA -- You received this message because you are subscribed to the Google Groups "Google Visualization API" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-visualization-api. To view this discussion on the web visit https://groups.google.com/d/msgid/google-visualization-api/CAOtcSJN0v3hFGgd0o0X0fuDrKgx4EErrHZ%2BFxUpGzrkgxiF%3DgQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
