This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
How can I obfuscate JavaScript?
Hi I need to Encode my js file to upload my host when save my page i dont want user see my js and my javascript code any body idea
you can't encrypt or encode your JS as the browser needs to run it.
The only thing you can do is to minify it, so it gets hard do read. But someone with the right tools and time will be able to reconstruct the code.
Hi there is no way to encript a js page, but there are a few tricks you can do to obscure te code.
First, you obscure the code, by changing the variable to value that do not make much sense. If you do that, keep a original copy.
ie.:
var firstname = 'Paul'; // change it to var fn = 'Paul'; or var 00110011 = 'Paul';
function returnFirstname(){} // change it for rtnFN011010(){}
In order to do that, you would need to program a script that does it for you.
Second, minify your code : http://fmarcia.info/jsmin/test.html
Good luck
The is no definitive way to do this, the best you can do is minify your js file. Search Google for "JavaScript Minify", there are plenty of tools out there...
Related
This question already has answers here:
Why pass parameters to CSS and JavaScript link files like src="../cnt.js?ver=4.0"?
(9 answers)
Closed 3 months ago.
What is "?_=3.5-SNAPSHOT-Dev" mean after ".js"? I do some research on google but no idea what it mean and what it use for
<script type="text/javascript" src="js/jquery-3.5.1.js?_=3.5-SNAPSHOT-Dev"></script>
It depends on the server that's serving your Javascript. Generally, variables like those on JS files are used for cache busting. I think in your example, 3.5-SNAPSHOT-Dev could be a release tag. If this JS file is now on your own machine, you can safely discard the ? and anything after that. If you're getting this from another server somewhere, seek out documentation about that server to see what they use the _ variable for.
This question already has answers here:
Call Javascript function from URL/address bar
(14 answers)
Closed 2 years ago.
I am currently learning some web programming related stuff. I'm a little confused on how I insert some javascript into say a random URL. I'm trying to insert an alert message with an echo payload so I couldn't do javascript:alert("testtestesttest"); which will work.
Should this not work?
echo?payload=javascript:alert("test");
I am using an older version of my browser so that javascript execution is possible. But for some reason javascript:alert("test"); works by itself but when i add it onto the end of the url with the echo payload it's just echoing the text after the payload.
EDIT: I have found my solution. Sorry.
you can do it ) of course everything is possible! Not sure modern browsers will allow this request. Need to check.
Buth this approach is usafe from the user prospective.
Imagine that somewone will put tricky code and use your site domain as trusted and will send a spam using this link.
Hey bro here is discount you can get!
https://someknownSite.com?javascript::getyourpasswordcode
Then why do you want to make this happen via URL? Let say you have a page, called "myAlert.php".
So what you can do is, you can write a script on this page, which will simply show the alert when somebody with this URL will access this.
Or you can also, write a simple condition that when a request has been made to this URL, you can show the alert box.
But If you are trying to insert the javascript in the URL and expecting the result then it's not possible. Because modern browsers won't let you run a script as the "< >" symbols will be changed.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
I heard lot of experts saying entering php code inside javascript is not a good practice. I wanted to know if it's true. If yes, then will it effect the performance? or is there any other reasons?
For example:
<?php
$num=1;
?>
<script>
var x = "<?php echo $num;?>";
</script>
No, it is not good practice.
will it effect the performance?
I do not specifically know which performance you meant when you wrote that line, but about all performances I can imagine, I would say: Most certainly, no.
is there any other reasons?
Mixing two languages is hard as it requires proper encoding. This makes things complex. Complexity is bad practice.
Typically, it is bad practice to use language X to generate code in language Y.
Try decoupling the two languages by making data their only interface -- don't mingle the code.
In your example, you could improve the code by using PHP to populate a cfg structure that's available to JavaScript:
https://softwareengineering.stackexchange.com/questions/126671/is-it-considered-bad-practice-to-have-php-in-your-javascript
NO it will not effect the performance, but it affects manageability and security.
In your case, can your javascript function without knowing the value of num? or Are you just developing the JS script from PHP? Latter is the use you should avoid.
Lets take an example where num was used to know the number of items in shopping cart. Now thats a very vital piece of information, but since its JS, it can easily be manipulated. In such case, you should store such sensitive information on the server and not on the client.
A few points:
You lose the ability to minify your JS scripts because it depends on PHP output
Code quickly gets difficult to maintain. You will need to scan through PHP tags in your javascript code.
Normally, I declare a global config object and pull it through a separate ajax request when the page loads (This can be a PHP script echoing JSON).
MyApp : {
x: '123',
y: 'xxx'
}
and then access it from my javascript files later:
(function(){
alert(MyApp.x)
})();
I dont think this a bad practice, if the values are dynamic, you can just do as,
test.php
<script type="text/javascript">
var foo = '<?php echo $foo;?>';
</script>
<script type="text/javascript" src="test.js"></script>
test.js
$(function(){
alert(foo);
});
If it is not dynamic values, recommends no need to use php tags
I don't think it is that bad. Assign your dynamic PHP values to a JavaScript variable in your PHP templates(as first line if possible) and then call these variables inside your external JavaScript files. And I fully agree with #hakre answer.
This question already has answers here:
Closed 12 years ago.
Possible Duplicate:
How can I obfuscate JavaScript?
Is there any way to protect my js file or javascript function from user to view?
You could minify/obfuscate it but the function would still be visible to the user.
Nope but you can always obfuscate. just look up online for javascript obfuscator. It makes code harder to read but it'll still be decodable.
If you need to hide code may I suggets something serverside such as php, aspx etc..
Like Darin sayd, you can obfuscate the code.
But if you want execute a js file on a browser, the user can get the source code. There is no way to avoid this.
Could anyone please tell me about how one might go about implementing your own custom tags in JS pages served by ASP.NET?
Basically what I am looking to achieve is a way of creating "includes" for my Javascript files by adding some code such as.
//Include Src="MyJavascriptFileLocation.JS"
And then having the ASP.Net handler serve my javascript file but also dynamically append the referenced javascript file to the location where the include is written.
Could anyone please guide me in the direction I need to go to accomplish this?
You could do this by including the name of the Javascript file in an HTML comment and then overloading the Render method of the System.Web.UI.Page object to search for these comments and replace them with the text from the JavaScript files.
In your markup:
<!-- Include Src="MyJavascriptFileLocation.JS" -->
In your C# code:
protected override void Render(System.Web.UI.HtmlTextWriter writer)
{
// First, grab the HTML that would have been sent
System.IO.StringWriter stringWriter = new System.IO.StringWriter();
HtmlTextWriter htmlWriter = new HtmlTextWriter(stringWriter);
base.Render(htmlWriter);
string html = stringWriter.ToString();
// Look for comment
int start = html.IndexOf("<!-- Include");
// If found...
if (start >= 0)
{
// Code here to replace comment with JavaScript file
}
// Output our refactored HTML
writer.Write(html);
}
If you want more than one JavaScript file per page then you could use a while loop and repeat the search and replace until you find them all.
I am not sure this is the best thing to do. Dynamically adding in the JavaScript would really mess with the caching and such. You do minimize the number of requests the client needs to make though.
I will leave it to you if what you are asking for makes sense and just answer the question. You know a lot more about what you are trying to achieve than I do.
I just realized that you may actually be asking how to inlcude a JavaScript file into another JavaScript file. In this case, your question is not really .NET specific since the JavaScript is parsed and executed on the client (in the browser).
If this is what you want, here is a link that talks about it:
http://www.cryer.co.uk/resources/javascript/script17_include_js_from_js.htm