0

I am sending an array from PHP to the document. In the document I am encoding this array to an JSON object, so I can use it with JavaScript:

<script>
var myJSON = <?=json_encode($array)?>;
</script>

My question: Is there is a way to encrypt the JSON, so when the visitor looks at the source code of the document, he won't be able to see the variables in the JSON.

It doesn't have to be a strong encryption, it's OK if it's easily reversible, something like base64 will do. There is no sensitive data in the JSON, I just don't want the content of the JSON to be accessible by the visitor too easily (e.g. right click to view source).

And it would be good if you don't have to install a third party library.

Any ideas would be appreciated!

mrk
  • 4,999
  • 3
  • 27
  • 42
Stephan Wagner
  • 990
  • 1
  • 8
  • 17
  • 1
    This might help you: http://stackoverflow.com/questions/14570831/can-i-encrypt-my-json-data. The thing to remember is that you can only really obfuscate it. People will always be able to see your client side code, the only thing you can do is make it slightly more difficult to do so. – Joe May 19 '14 at 14:24
  • have you looked at javascript obfuscators? – Dimitri May 19 '14 at 14:25
  • If you have to hide your data from the very system it's being executed on, you're going about security in the wrong way. A) If client-side code decrypts it in-browser, it's not secure [user can get at it] and B) if you're storing it in the user's browser for decryption on the server, you're only opening yourself up to data poisoning -- there's no guarantee you'll get back what you gave. – amphetamachine May 19 '14 at 14:31
  • 1
    That was a new word for me "obfuscate" :) Thanks for that I'll do some more research on that matter, that's exactly what I need – Stephan Wagner May 19 '14 at 14:33

0 Answers0