This question already has answers here:
How do I hide javascript code in a webpage?
(12 answers)
Closed 9 years ago.
I'm quite new to Angular. I've done a lot of things with it. Built an internal website in my organization.
When I inspect regular web pages with chrome dev tools, I generally can't see any important javascript source files. But when I inspect my own angularjs web site, all of my controllers, directives and factories are there, exposed to everyone.
How can I hide them from users? Do I just have to minify them?
Thanks
There is no way you can hide your script from client.
You could obfuscate it a lot, making each function dependant on another, building a massive "web" of functions that all depend on each other, but that would also make the code really REALLY messy for yourself. The best thing you could do is just put a license in your script, using /* */ and that will atleast prevent most buisnesses from stealing the code.
Javascript files are downloaded to the client so there is not much you can do.
You can try to obfuscate javascript but it's mostly a waste of time IMO
There is no way to do this. At best you can compress your JavaScript to make is less readable but at the end of the day if someone want's access to your code they can get it. That said, this is true for most programming language now a days. It's fairly easy to get the code for apps written in Java, C#, VB, and Managed C++.
Related
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
How can I obfuscate JavaScript?
Is it possible to make some of Javascript private and confidential so that certain things can remain confidential?
If you're asking whether or not you can prevent users from viewing your source, the answer is basically no.
Sometimes you can make it impossible to do right-click / view source, but people could simply use a tool like Firebug.
You can minify your code, but that doesn't hide it. It just makes it harder to comprehend.
I think what you are after is encrypting/obfuscating javascript code; you cant avoid but send your JavaScript code to the client.
The best you can do is obfuscate it, which is essentially making it harder to humanly read it. and here the SO reference if you want to go down that path
How can I obfuscate (protect) JavaScript?
I am not sure why you want to do this, is it to protect some of your own code, if so then its ok, but if you are planning on putting sensitive data such as usernames/passwords embeddeed into your javascript then please don't do so, its ok to go to the server to fetch stuff better being secure :-) happy coding.
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
Javascript library: to obfuscate or not to obfuscate - that is the question
Hi, I'm creating a very simple footer zone with a jquery animated drawer and a simple carouseel with a modal to show some products of my store.
Any decent jquery programmer will easily top this, i'm a noob, the problem is that I know my competition very well, the moment they lay eyes on this they will implement the same, I just don't want them to outragely rip off my hard earned code.
I found this javascript obfuscator online:http://www.javascriptobfuscator.com/default.aspx
is it any good?
My question is, although it "obfuscates" the code, its still pretty easy to just donwload the .js file with my code and implement it. Is there a way to make the javascript file not load/work if its not in my domain?
This + the code obfuscation would work really well don't you think? Can you point me out something like this or a simple alternative?
Thanks
Best Regards
Joricam
One thing to think about. I can simply take your obfuscated/hard to read code and plop it right on my site and boom, it works. This is not like obfuscating PHP code where it requires a tool to decode it, and run. I can take your code as is, and it works fine.
However, if you insist:
I would just use any decent javascript minimizer to make your code harder to read. Not only will this improve the load time of the script, but also make your code harder to read.
I highly suggest something like YUI compressor or Google Closure
Note that I am stating, make it harder to read. Don't bank on this obfuscation idea, as you will not find any good solutions. It is not worth your time.
My question is, although it "obfuscates" the code, its still pretty easy to just donwload the .js file with my code and implement it. Is there a way to make the javascript file not load/work if its not in my domain?
No. There is no technique that is going to prevent a determined competitor from reverse engineering your JavaScript code.
For what you're describing - a drawer and carousel - they likely wouldn't even bother. Plenty of free, open source jQuery plugins that do that are out there. If anything, you're probably reinventing the wheel anyways.
If you don't want your code to be seen, I suggest placing it all on the server. JavaScript, by design is meant to be client-side, so regardless of what you do, people will still be able to utilize the code one way or another. If you still want to hide the code as best you can, try using Google Closure Compiler.
I'm on board with the sentiment expressed by others on this thread: You're wasting your time; what you're trying to protect has very little value and is hard to protect.
To answer your question, however:
Use flash or silverlight or some other such technology and put all of your code server side.
This question already has answers here:
How can I hide or encrypt JavaScript code? [duplicate]
(7 answers)
Closed 7 years ago.
How to secure or hide javascript code on client side. Is there any way to doing so.
Thank You
Short answer: You can't/don't.
Longer answer: You cannot hide it at all. It runs on the client and it cannot be compiled to machine code.
However, you could minify it - that's basically obfuscating it by shortening variable names, removing whitespace, etc. While it's usually used to save bandwidth it also makes the code less readable.
Note that all but the changed variable names and removed comments can be easily undone by something like jsbeautufier.. but for a large application it's very hard to understand the code without any meaningful variable/function names or comments.
There is no such thing as 100% secure javascript code. This is because any code executed on the client's machine cannot be fully secure. Your best bet is to obfuscate your javascript and make it hard to read.
Your best bet is to ensure all vital secure code runs on the server, and allow javascript to do only simple, UI enhancing tasks on the client side.
As i know it is not possible. Only thing you can do it making the code very badly organized. Which will take longer time to find out actually what you are doing.
If you are searching this because of security reasons, you have to remember the only thing matters in security is the password-which is not put in the code. So find a nice way to encrypt you stuff. You can find many good ways on web.
This question already has answers here:
Closed 12 years ago.
Possible Duplicate:
Protecting client side logic & data
How can I block other from reading my JavaScript through view source?
My thing is, now one can access my JavaScript, because am not sure, but just guess some one from outside using some tool to changing my JavaScript events.
So how to make the authenticated?
You don't control the client, and javascript isn't compiled. Its a losing battle if you want to lock it down completely. The best you can hope for is a good obfuscator/compressor that would make it more difficult to read. You can also do it all in flash or something where you would have a bit more say, but you still don't control the client, and they can still decompile the source.
It's not entirely possible for you to block your JavaScript code from getting into the client side, since this is where they will get executed.
As you mentioned about changing the events, your Application must be developed in a such a way that such changes will not harm the Application at the server end. Of course, that particular user will be able to produce unanticipated output it his end, but these should hardly matter as he will be the sole viewer of those.
One side note though, there is something called code obfuscation, that is making the code deliberately unreadable. Some Web App developers resort to that. You could consider doing that.
This question already has answers here:
Closed 12 years ago.
Possible Duplicate:
What are some good ways to prevent people from copying my source code?
I am looking into ways to 'encrypt' my HTML and CSS code so that a visitor cannot simply 'View Source' and copy it.
That's not possible; you should copyright your code instead if you are worried.
Or you may want to have a look at:
Obfuscated Code
There aren't any. The best you could do is some tool that will minify or obfuscate your javascript code. However, there's no way to make it truly secure. Encryption implies decryption on the client side, which exposes everything to the user.
So why is this not possible? HTML, CSS, and Javascript are all client-based. Meaning that you have to give the user your code, and it is processed on his machine. You can't simultaneously show someone the code and prevent him from seeing it.
Depending on exactly what it is you want to protect, you may want to look into server-based technologies like PHP or ASP.
You also of course have the option of just doing a really good job to build the reputation of you/your company. After all, imitation is the sincerest form of flattery. Or doing a really crappy job so that nobody wants to copy you.