0

Is there any option to hide script source? 

<script src="./script/jquery/jquery-X.X.X.js" type="text/javascript"></script>

delete this value or change to

<script src="./script/jquery/jquery" type="text/javascript"></script>

without changing a file name in the project?

derirative23
  • 486
  • 2
  • 7
  • 22
  • No. But you can use `` if want to disable right click. – Shubham Pokhriyal Mar 28 '19 at 11:07
  • Not possible - any changes will result in a 404 error when you try to get the file. – Jack Bashford Mar 28 '19 at 11:08
  • Alternatively you could include the contents of the script file as script on the web page itself on the server side. How this is done depends on your server side language. But I don't really see the benefits of this and wouldn't recommend it. – Mark Baijens Mar 28 '19 at 11:15
  • Possible duplicate of [How do I hide javascript code in a webpage?](https://stackoverflow.com/questions/6869312/how-do-i-hide-javascript-code-in-a-webpage) – VLAZ Mar 28 '19 at 11:18
  • Why would you want to do this? – ssc-hrep3 Mar 28 '19 at 17:18

2 Answers2

2

No there isn't - the browser always needs to know the script is there to be able to use it. Tools baked into every modern browser make it trivial to see all scripts, no matter how hard they have been obfuscated. But maybe I have mis-understood your question - are you just trying to hide the path of your file?

MikeB
  • 580
  • 3
  • 18
  • "*But maybe I have mis-understood your question - are you just trying to hide the path of your file*" even then, the first sentence of your answer is still relevant. There is no way to hide the script's path. Not while still being able to use the file. And if the browser can use the file, anybody can. If the browser can't use the file, than the obfuscation is rather useless - you're not using the file at all, so you may as well not include it. – VLAZ Mar 28 '19 at 11:22
2

You could use mod_rewrite (if using Apache webserver) to map one url to another in the .htaccess file:

RewriteEngine on
RewriteRule ^/script/jquery/jquery$ /script/jquery/jquery-1.2.3.js [NC,L]

Not sure what kind of feature that would be though. I can't see any benefit of doing so. One can always inspect any asset downloaded along with the page.

The only "protection" there is would be to build entire app into one bundle file (using Webpack for example) and then obfuscate the code. But there are plenty of deobfuscation tools already, available online. So no, you can't protect front assets.

Mike Doe
  • 16,349
  • 11
  • 65
  • 88