How to make my JavaScript code unusable by anyone else?

Question

Heh, that's something that many plugin authors do without needing help, isn't it? :) Here's the rub -- I'm coding a jQuery plugin which I have the intent to sell. I want to provide a live demo of it; of course, I don't want anyone just using the demo code.

I know it's dumb, and it certainly doesn't bring any good karma, but what are some naughty things I can do in the demo script that would make life reasonably difficult for anyone trying to use it? Setting undefined = true comes to mind, as well as overriding jQuery methods. Any suggestions beyond that?

Answer 1

I like Diodeus's idea of a video (or a screencast, etc.).

But if you absolutely, positively want an interactive demo, take jQuery, your plugin, and your demo code, put all three together, and throw the Closure Compiler at it (with advanced optimizations if you can get that to work with jQuery; with simple optimizations otherwise). The Closure Compiler is a lot more than just a minifier; it actually re-writes your code, inlining functions (even in simple mode), changing identifier names, etc. If all the code is compiled together, you don't have to tell it to "export" any symbols, it can have a renaming, inlining frenzy. :-) It will conflate the three parts (jQuery, plug-in, and demo) such that it'll be far more work than it's worth to unravel them.

Answer 2

The JavaScript environment, by its very nature, is insecure. Other than minifying the code, there's nothing you can really do. If the browser can see it, the user can see it. It's the same argument of trying to prevent people from stealing your images.

If you want to make a demo, make a video of it.

Answer 3

Don't make your deno code a jQuery plugin: instead, make it a plugin for a library that is functionally equivalent to jQuery.

Basically, take a copy of jQuery and rename all of the functions in it (and/or swap around the order of function arguments). Then make a demo copy of your plugin that is modified to use the new, messed-up copy of jQuery.

Alternatively (or additionally), minify it and have it torch/delete/ruin any component of jQuery that it doesn't need. Anyone who wants to use your minfied code will find their jQuery object has been substantially altered.

There are fairly simple workarounds to all of these defenses, but it might keep away anyone not sufficiently dedicated to understanding what's going wrong. In the end, you may find it's simply not worth the effort and just trust that honest customers will make development worth your while.

Answer 4

Add a check which will only pass on your own host. Then minify the code to obscure the workings.

Answer 5

Any many posts have suggested, most JavaScript can can ripped off without too much hassle, although it is possible to make it difficult for people. I would recommend using a good JavaScript Obfuscator; I found this one just now, and it seems to make it pretty unread-able to even the trained eye.

Before:

var somethingToSay = "hello world";
function saySomething(phrase)
{
    alert(phrase);
}
sayHello(somethingToSay);

After:

eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--){d[c]=k[c]||c}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('2 0="3 4";8 5(1){7(1)}6(0);',9,9,'somethingToSay|phrase|var|hello|world|saySomething|sayHello|alert|function'.split('|'),0,{}))

It's worth noting, that with any obfuscation, there might be a slight performance hit, but it's the price paid for "securing" your work.

Answer 6

You can minify the code to make it harder to read.

Answer 7

Publish your 'demo' in the form of a screen recording rather than live code.

Answer 8

If it's out there, it can get ripped off. You can minify, obscure, do weird things to the source code like splitting it over a bunch of JS files, but it can still be ripped off. If you really want a demo, have you considered recording a video demo?