0

Is there any way to check consistency of the source code? I mean, compare current source code and code that was somehow described in web store?

Do Chrome saves some 'code hash' to check it before run the extension? I know that there are some ways to download .crx file directly from web store without installing, so user can unpack it and change source code.

Maybe there is some other way I can check my extension from server side?

GOTO 0
  • 42,323
  • 22
  • 125
  • 158
StackTracer
  • 45
  • 2
  • 7
  • http://stackoverflow.com/questions/194397/how-can-i-obfuscateprotect-javascript Perhaps this might help – Daniel Cheung Jan 09 '16 at 14:10
  • https://code.google.com/p/crypto-js/ this might help too – Daniel Cheung Jan 09 '16 at 14:10
  • @DanielCheung Thank you, but I have some code that doing most important work in my extension, and it absolutely can't be stored on a server - how can I deal with it? – StackTracer Jan 09 '16 at 15:36
  • I would suggest encrypting your javascript. All the variables and functions will get scrambled but still usable. Many web services uses this technology, such as Outlook.com . I don't think you should store those on a server. Find a js encryptor and run it through then pack that into your extension. – Daniel Cheung Jan 09 '16 at 15:41
  • 1
    However much you obfuscate the JavaScript you always must validate the input to your server remember. The client can send anything it likes. – rpamely Jan 09 '16 at 16:14
  • @rpamely The trick is, that th eclient should gather some numbers from user page and send it to the server - I can't check this info. – StackTracer Jan 09 '16 at 19:14

0 Answers0