I have created an application which contains java script, which i want to be secure. I know obfuscate is a good idea to secure the code.but it can easily be decoded. can any one suggest any method through which some part or whole of my java script code can be secured.
3
-
2You can run your JS server side ;)djfm– djfm2014-02-12 07:11:09 +00:00Commented Feb 12, 2014 at 7:11
-
If you are running JS on the client, obfuscation is the "best" method of securing it (some people try to also sell "encryptors") - this is because the client must have access to run it. And someone who really wants to access the JS can.user2864740– user28647402014-02-12 07:11:39 +00:00Commented Feb 12, 2014 at 7:11
-
1Just write your code in a way that makes anyone that reads it want to kill himself. (A coding style that many people seem to use instinctively)towr– towr2014-02-12 07:29:29 +00:00Commented Feb 12, 2014 at 7:29
Add a comment
|
1 Answer
First minify your code, then obfuscate it, that's all you can do really.
Someone can take and run your code, but they wont be able to understand it enough to customise it because the variables and functions would be named like a, b, c if you minify it.
You could have some domain protection like if document.href === 'mysite' then run code, it wont secure it, but it's an obstacle
And you can load your scripts via Ajax, then eval it, that would mean it would be harder to find the script, the only way you could find it is if you checked the network requests.
As you can see there is no way of securing it, but you can put a load of obstacles in the way
3 Comments
ess
thanks for the rply...but it can be simply unminified using jsbeautifier.org
iConnor
No it can't that's just tabs and spaces
ess
Closure Compiler is a tool for making JavaScript download and run faster... how to minify js
