U may use compacted version, which is very hard to read by human beings.

compacted?

-s-

I save all my JavaScript files externally and call the .js file wherever I want to use it. That way, nobody will be able to see it and you can use the same .js file in different pages. That's probably the best way to hide your code.

Luckydude

PS:- Actually, I WANT other people to see my code. That's why I put lots of comment in my code so that when people look at it, they can understand. It doesn't harm me, but if I write a clean code, someone can learn from me.

Just a thought..

compacted?

No carriage returns or extra spaces. Use meaningless or confusing names (single letters are good) for variable and function names. Use "short-cut" syntax like ++, +=, etc. whenever possible.

This "art" is also called code obfuscation.

btw - if you do it, consider this a "publishing" process. That is, keep a copy of the un-obfuscated code for bug-fixes and updates.

btw - right after I made the previous post, I did a google search on "code obfuscation" to see what popped up. For starters, you will find several good articles and tools for it. But more interesting (I thought) was that the first paid ad on the right hand side was an employment ad for none other than Google! And they seemed like such nice people!

I save all my JavaScript files externally and call the .js file wherever I want to use it

That hides it for about 10 minutes.

When I view source of a page and see the external file, I just link directly to the file and download the entire JS file.

Microsoft has a ScriptEncoder which will slow people down. It's not a highly secure system, as there are script decoders out there as well which break the MS code, but for casual protection there it is.

Here's a link where you can "encrypt" your javascript code so it's very difficult to decipher:

[jimworld.com...]

thnx txbakers and jonathanleger for the information. I didn't know you could look at somebody's external .js file. Anyhow, now I know and jonathanleger provided the link where you could encrpt your .js code, I will go there from next time. Thanks again guys.

Luckydude

If the external js file is in a virtual directory or in a restricted directory shouldn't this prevent it from being downloaded? I wouldn't use the MS Encoder i came across some script the other day where someone had encrypted a URL it was the first time I had come across it and within 5 minutes i'd found the decoder and had the URL in plain text and that was just out of curiosity so I would avoid this method and go for something more secure if your serious about it.

Mark

There is NO "more secure," though, so.... Any way you do itaAll you are doing is blocking the casual user from getting at it.

Oh, and it is Javascript - not exactly a state secret. I am sure everyone uses techniques in their javascript they picked up from somewhere. (non third party) Client-side web development is forced to use an open model, by its very nature.

If the external js file is in a virtual directory or in a restricted directory shouldn't this prevent it from being downloaded?

Javascript is a client-side scripting language. This means that the clients (visitors) computer processes the script. If you hide your .js file in a restricted directory the clients computer wouldn't be able to access it.

that's why I put lots of comment in my code so that when people look at it, they can understand.

It is nice to have clean code and always a good idea to add a lot of comments to your code, but it isn't always the best idea to force visitors to download a bloated script on the off-chance that one of them may wish to view the source. The browser needs to read through the .js file before it can start rendering your page. So anything you can do to keep your externel css and javascript files small and compact is a good idea. You can always keep a source copy of your code for editing with all the comments and then just strip them out before uploading the file to your website.

If you are becoming a good coder and feel like you don't want people to copy your hard work you should consider looking into a server-side scripting language. This means the script is processed on the webserver and not the clients machines. This allows you to put your scripts into a restricted directory. Server side also allows you to add comments and such to your scripts without sending them along with the webpage.

Server-side scripting does have limitations and can't do certain things that javascript can. Another program that can imitate what javascript can do would be actionscript in flash. Flash creates a .swf file which only the flash player can read. It would look like jibberish to anyone trying to read it which would allow you to hide your source. Although I hear there are programs for reverse engineering flash scripts, but thats probably less comman than people stealing javascripts. You've probably already heard a lot about the evils of using flash so it's not exactly the perfect solution either.