How to Protect your JavaScript

0
16

Protect java script

Okay, so your problem is that you have been developing in one of many web development languages ​​such as PHP, JSP, or ASP.NET, and you love that fact that your code can not be stolen, but you hate the fact that your javascript can be stolen.

First, I will tell that in order for your javascript to be run, it has to be downloaded by the client! How else can they run it on their screen!

Let's talk about how others are able to view your javascript. First, they may simply view the source of your webpage and presto! There is your inline javascript, naked and embarrassed. So you say, let me put it in a separate file, that will show them. All they need to do is type in the name of that file at the end of your url and they have your javascript. Trust me, I have done it.

Maybe there is a way to stop them from viewing the source. You could make your page pop-up in a window with no menus or anything, that will stop them. Wrong! In firefox all you need to do is press f11 to get your men back or simply press ctrl + u to get the source directly.

But what if you could block these key presses? Then they could not have the menu or press ctrl + u to view the source. Wrong! If they are viewing your site on their computer, that means that it has been downloaded to their computer.

You must understand how a web browser works. It has 2 components, a downloader and a renderer. The downloader connects to the web server and downloads the html then the images and then whatever else needs to be downloading, including the javascript into a temporary place on your hard drive. Then the renderer renders the page using the browsers "render" engine and shows you what that page is. So how can you view a web site without it being on your hard drive? You can not !!!

What can we do?

The most effective solution is no javascript. Wait that does not work. Sorry, drugs. You can use an obfuscation tool. If you need an example go to dhteumeuleu.com. He has the best javascripts I have ever seen, but they are utterly unreadable because all the variables are 1 letter long. It's not impossible but very hard to read.

In summary, is there a way to stop anyone from getting your javascript? not while allowing them to run it.

Source

Leave a Reply