2

I am developing a JavaScript/HTML5 game and obviously anyone is going to be able to read the code, which I would rather not have happen. I appreciate I can't stop people reading the JavaScript; I can make it more difficult by obscuring it, but not stop it.

I could convert it to a Java applet (I suspect reverse engineering these is still possible, but I think it would be harder) with just a thin JavaScript wrapper (if necessary).

Someone also mentioned it might be possible to use jQuery and JSON, but I suspect that the client/server interactions may be a bit to slow to make this practical.

Does anyone know of other ways of deterring people from ripping off my work?

T.J. Crowder
  • 1,031,962
  • 187
  • 1,923
  • 1,875
FredOrJoeBlogs
  • 43
  • 4
  • 3
    Why is it that there are literally hundreds of questions about how to protect source code from theft, but not a single one that would go "help, someone ripped off my source code"? – JJJ Jul 19 '12 at 12:05
  • How do you know someone has ripped off your code? – FredOrJoeBlogs Jul 19 '12 at 12:39

4 Answers4

2

If it is javascript, it can be read by other people, whether you use JQuery or AJAX, because it will have to processed by the client's computer and for that, it needs to be transferred to it.

Your best bet is to obfuscate your code, if you are sticking to JavaScript. That way, it is much harder for people to steal your code.

IF you are converting it to a Java Applet, it is only slightly better, as the client can retrieve your Applet and there are Java Decompilers like JD which can help him get atleast a partial look into sources. You will have to run it through a something like ProGuard, to obfuscate that code.

If it has to run at the client-end, no matter which language you pick, there will be atleast a tiny possibility of your code sources being looked at. All you can do is to make it harder to read, understand, and reverse engineer your code using obfuscation.

Community
  • 1
  • 1
Anirudh Ramanathan
  • 46,179
  • 22
  • 132
  • 191
1

I apreciate I can't stop people reading the javascript, I can make it more difficult by obsucring it, but not stop it.

True, although the Closure compiler in advanced mode makes the code almost entirely unreadable to human beings. (It also optimizes it, inlining where appropriate [in case the JavaScript engine running it later doesn't], removes dead code, and makes identifiers as short as possible, and a bunch of other things.)

I could convert it to a Java applet (I suspect reverse engineering these is still possible, but I think it would be harder)...

Yes, it's entirely possible. There are tools to turn Java bytecode (what would be delivered to the client) back into readable source. Variable names and several other things are lost, and the code may look a bit odd, but the tools are there. I'm not at all sure it would be harder than dealing with the Closure compiler's advanced-optimized version, though, frankly.

Someone also mentioned it might be possible to use JQuery and JSON...

They must not have understood, those are also entirely readable by the client.

Does anyone know of other ways of detering people from ripping off my work?

My best advice is the Closure compiler. Failing that, if you're willing to go the proprietary route, use Flash — but Flash apps, like Java applets, can be reverse-engineered. I have the impression it's harder than reverse-engineering Java applets, but I don't know a lot about Flash.

T.J. Crowder
  • 1,031,962
  • 187
  • 1,923
  • 1,875
  • I agree with Sir Crowder. Someone has to be fairly determined to untangle your code if it's been crunched in advanced mode. Mind you, if you use jQuery, your code may not sustain advanced mode compilation. – Nick Jul 19 '12 at 12:09
0

I'd say your best bet is not to even try. If you're delivering source code over the wire, people will be able to read it. Obfuscation might make it more difficult, but will not stop someone determined. And it's those determined people that you probaby would most want to stop. I'd suggest you simply live with it: write your code cleanly and clearly, use a minifier for download size, and accept the fact that others will be able to read it if they like.

And if you really want to port it to another language, that's fine. But Java applets are almost as easy to decode, so you'll have to do it server-side or deliver it in some other manner than in the browser. If that trade-off is worth it to you, there are plenty of compiled languages available.

Scott Sauyet
  • 49,207
  • 4
  • 49
  • 103
0

Obfuscation is your best bet. The goal is not to stop them being able to read your source code, it's to make it easier / cheaper for them to recreate it by hand, thus deterring them from ripping off your work.

jhoyla
  • 1,191
  • 1
  • 9
  • 26