Welcome to WebmasterWorld Guest from 54.224.57.95

Forum Moderators: open

Message Too Old, No Replies

How to protect javascript

     
2:03 pm on Nov 19, 2005 (gmt 0)

5+ Year Member



if we save web "save as" all the javascripts are copied on our hard disk as well.
But i want to protect my javascript from copying.
How can i protect javascript running on my website?
2:42 pm on Nov 19, 2005 (gmt 0)

10+ Year Member



you can buy encryption programmes for this. You'll need to test in all browsers (Safari often has problems for example). Search for javascript encryption

Alternatively you can render your code very difficult to edit by changing variable names and removing all line breaks.

NB you can't actually stop the script from being saved onto the user's hard disk though or it wouldn't run.

9:29 am on Nov 20, 2005 (gmt 0)

WebmasterWorld Senior Member jab_creations is a WebmasterWorld Top Contributor of All Time 10+ Year Member



If it is clientside I can get a hold of it PERIOD.

Now I have seen some sort of encryption method used. I understood that though I did not understand how to read or convert it. Yet the browser still executed the script.

1:40 am on Nov 23, 2005 (gmt 0)

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member



two steps:
1) write in a condition that looks at the URL


var domainname = location.href;
if (domainname.indexOf("mywebsite.com")>0){
dostuff();
}

2) obfuscate the heck out of the code until it's so unreadable that no one would ever bother stealing it.

People are tired of arguments why it's impossible to "protect" client-side code. And I'm tired of explaining it. Still, sometimes you get birdbrained suits who a) don't understand and b) won't liten, and to appease them try the methods above.

When they see the obfuscated javascript, tell them that it's "encrypted" using a fantastic government algorithm.

Use the word "algorithm" a lot. they like that.

good luck

1:46 am on Nov 23, 2005 (gmt 0)

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member



the best JS "encryption" usually involves turning the entire script into one long string, and mangling it with some kind of simple cipher.

The executable script uses a build-in decoder, then runs the result through exec()

4:10 am on Nov 23, 2005 (gmt 0)

10+ Year Member



Even if you can reverse "encrypted" javascript, it does help thwart casual stealing. Someone is only going to bother decrypting it if they really want it, even if it is easy to do, because lets face it, we are a pretty lazy species ;)

Removing whitespace, encrypting, etc also has a very beneficial side to it though that has nothing to do with preventing piracy: It makes the file size alot smaller. This is really quite handy if you have a large javascript library.

Dean Edwards's Javascript Packer [I know no URLs, but that should be enough info to hep you find it] can really squash stuff down... often it will reduce the size by over 50%. One note on his packer, I've had some troubles sometimes with the lower encoding settings running in Safari, but it works fantastic on the "High ASCII" setting.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month